Most active commenters
  • amelius(5)
  • rollcat(4)

←back to thread

Apple: SSH and FileVault

(keith.github.io)
507 points ingve | 16 comments | 18 Sep 25 20:15 UTC | HN request time: 0s | source | bottom
Show context
georgeburdell ◴[18 Sep 25 21:42 UTC] No.45295378[source]
Biggest change for corporate non-personal Mac usage. Mac Minis are actually fairly good value and good quality for miscellaneous automation purposes. We started switching over to them at work, and the FileVault issue described here was actually one of the big things holding us back.
replies(1): >>45297133 #
TheTaytay ◴[19 Sep 25 01:50 UTC] No.45297133[source]
Ive been curious about using some Macs for general purpose servers. Is there anything else you do to make them easier to administrate as servers? Are you running Mac-specific stuff on them or more general purpose Linux containerized stuff?
replies(2): >>45297957 #>>45299480 #
1. amelius ◴[19 Sep 25 08:57 UTC] No.45299480[source]
It's generally a bad idea to use consumer hardware for servers.
replies(3): >>45299525 #>>45299545 #>>45303920 #
2. rollcat ◴[19 Sep 25 09:05 UTC] No.45299525[source]
One reason Google was a big hit was because (while all the competition was doubling down on big iron), they ran their search on commodity hardware, and compensated in software/networking.

I don't think Macs would be a great platform for running a k8s cluster, but the power efficiency alone makes them a curious alternative to explore.

replies(1): >>45299558 #
3. leakycap ◴[19 Sep 25 09:08 UTC] No.45299545[source]
Yes, and it's wise not to apply general advice to niche situations: like using a Mac mini for a web host.

With this attitude, we'd all still be running 2U Dell PowerEdge and poor Raspberry Pi would have gone out of business.

It's 2025, almost 2026. A web server from a few years ago has less power than consumer mac Mini today while using much more energy.

Throw out the advice that is from the era of physical install media and let's focus on specific (instead of general, unhelpful) advice as we move into the modern era where cheap computers are just fine.

replies(1): >>45304890 #
4. amelius ◴[19 Sep 25 09:10 UTC] No.45299558[source]
Google used x86 Linux machines. Which is common in industry. Everything is documented, unlike Apple's offerings.
replies(1): >>45300016 #
5. rollcat ◴[19 Sep 25 10:28 UTC] No.45300016{3}[source]
> Which is common in industry.

It was *not* common in mid-90s. x86 was commodity hardware - home PCs, early NT workstations. PHP was still written in Perl. Linux was a few years old - industry veterans (e.g. Greenspun) were throwing rocks at it.

Yes, the x86 platform was documented - through reverse-engineering efforts. Compaq was the first to produce PC clones, to IBM's great disdain.

Don't get me wrong - you're probably better off running Ampere. Just don't dismiss commodity hardware.

replies(2): >>45300503 #>>45303796 #
6. amelius ◴[19 Sep 25 11:46 UTC] No.45300503{4}[source]
The setup was common in universities, back then. That's probably also how they got to use it.

This wouldn't work with Apple products because Apple ultimately has control over the hardware. You don't want a server that suddenly shows "Please enter your AppleID" in the middle of something, for example.

replies(1): >>45302275 #
7. oarsinsync ◴[19 Sep 25 14:48 UTC] No.45302275{5}[source]
> The setup was common in universities, back then. That's probably also how they got to use it.

Sun Microsystems were also big in universities. As were IBM. Lots of people believed the "servers have special hardware" voodoo back then, and parroted that it's bad news to run servers on consumer hardware.

Somehow, decades later, the meme refuses to die. Unlike Sun Microsystems. Or IBM's Unix server business.

replies(1): >>45302536 #
8. amelius ◴[19 Sep 25 15:12 UTC] No.45302536{6}[source]
Except Apple has tight control. You're basically building your castle in Apple's kingdom.

If Google had used Apple appliances for their servers they would be violating the EULA and have lawyers knocking on their door.

Apple appliances are made for consumers. Apple's lawyers were not paid to cover business usecases, so they basically don't allow it.

replies(1): >>45308615 #
9. trollbridge ◴[19 Sep 25 16:51 UTC] No.45303796{4}[source]
PHP was written in C. To quote Rasmus Lerdorf:

“I wonder why people keep writing that PHP was ever written in Perl. It never was. #php”

The PHP history page at one point claimed it was:

https://web.archive.org/web/20090426061624/http://us3.php.ne...

He may have had some Perl scripts on his computer before the 1.0 C release, but that’s a far cry from “PHP was written in Perl”.

replies(1): >>45308626 #
10. snovymgodym ◴[19 Sep 25 17:02 UTC] No.45303920[source]
And yet, running clusters of Mac Minis is one of the most common datacenter solutions for when you need MacOS (usually for CI systems that run iOS builds or something similar).
replies(1): >>45304049 #
11. mrtesthah ◴[19 Sep 25 17:13 UTC] No.45304049[source]
If you want iOS build servers Apple’s licensing gives them no other option.
12. comprambler ◴[19 Sep 25 18:33 UTC] No.45304890[source]
Your data integrity is at risk not using ECC ram (EXTRA ESPECIALLY IF YOU USE SOFTWARE RAID), which is usually gated out of consumer hardware.

Though those poweredges would have had it.

replies(1): >>45320670 #
13. rollcat ◴[20 Sep 25 00:44 UTC] No.45308615{7}[source]
None of this is the point of this discussion.

The point is: commodity hardware is powerful, and it's interesting to explore its capabilities outside of its original purpose. Apple or not.

replies(1): >>45313091 #
14. rollcat ◴[20 Sep 25 00:46 UTC] No.45308626{5}[source]
Thanks for debunking, I'll stop spreading lies now ^^;
15. amelius ◴[20 Sep 25 13:12 UTC] No.45313091{8}[source]
If you ignore legal constraints, maybe.
16. leakycap ◴[21 Sep 25 07:00 UTC] No.45320670{3}[source]
Unless you're sending the Mac mini to space as part of this project, the internal hardware ECC built in to Apple silicon SoC combined with the extremely short unified memory paths removes this as a valid concern

Any software RAID on macOS is a risk I wouldn't be willing to take, but that is another matter entirely and has nothing to do with ECC.