Reddit Sysadmin – Telegram
AWS to Bare Metal Two Years Later: Answering Your Toughest Questions About Leaving AWS

Two years after our AWS-to-bare-metal migration, we revisit the numbers, share what changed, and address the biggest questions from Hacker News and Reddit.

https://oneuptime.com/blog/post/2025-10-29-aws-to-bare-metal-two-years-later/view

P.S.: I work for oneuptime, please feel free to ask any questions you feel like asking.

https://redd.it/1oj1rdz
@r_systemadmin
KeepassXC SSH Agent not working properly on MacOS

I set up the Agent integration as described in the docs and `ssh-add -l` also lists the keys as being loaded:

4096 SHA256:...(RSA)
256 SHA256:...(ED25519)

but when I try to connect to a host I get the following error:

debug1: Offering public key: /Users/myuser/.ssh/id_ed25519 ED25519 SHA256:... agent
debug1: Server accepts key: /Users/myuser/.ssh/id_ed25519 ED25519 SHA256:... agent
sign_and_send_pubkey: signing failed for ED25519 "/Users/myuser/.ssh/id_ed25519" from agent: agent refused operation

Unfortunately I didn't find a way to increase the log-level so that the ssh-agent shows me the reason for the refusal. I also checked the permissions on my files. And they should be alright.

drwx------  .
.rw-r--r--@ ├── .DS_Store
.rw------- ├── id_ed25519
.rw-r--r--@ ├── id_ed25519.pub
.rw------- ├── id_rsa
.rw-r--r--@ ├── id_rsa.pub

https://www.reddit.com/r/KeePass/comments/1oj5txn/keepassxc_ssh_agent_not_working_properly_on_macos/

https://redd.it/1oj616w
@r_systemadmin
So how much of Microsoft is down?

Looks like http://office.microsoft.com/, Microsoft.com, and Entra sites are all down for the UK and I can access a UK based VM in Azure and that's seeing the same problems...

Oh... and Azure? Or is it the same issue?
https://www.theregister.com/2025/10/29/aws_us_east_1_more_problems/?td=rt-3a

Yes could be Azure US-EAST-1
https://www.tomshardware.com/news/live/aws-outage-strikes-again-colossal-internet-breakdown-strikes-again

Hmmm our VMs are running in Azure but the portal isn't, Microsoft Graph is running in the backend, but the Entra admin center is not.

UPDATE:
Starting at approximately 16:00 UTC, we began experiencing DNS issues resulting in availability degradation of some services. Customers may experience issues accessing the Azure Portal. We have taken action that is expected to address the portal access issues here shortly. We are actively investigating the underlying issue and additional mitigation actions. More information will be provided within 60 minutes or sooner.

https://redd.it/1oj8sgk
@r_systemadmin
Another AWS/O365 Outage

Here we go again. Midwest USA here. If you look at AWS and O365 in DownDetector the outage spike is pretty much the same. Glad Amazon's stock prices are up with the most recent round of firings.... /s

https://redd.it/1oj9h2i
@r_systemadmin
Typical MS

Azure down.

Fine. Shit happens.

But below is the current recommendation from MS

While we don't have an ETA yet, customers can consider implementing failover strategies with Azure Traffic Manager, to fail over from Azure Front Door to your origins: https://learn.microsoft.com/azure/architecture/guide/networking/global-web-applications/overview

Guess what? learn.microsoft.com is also down. I am not sure what they are smoking before spitting out this advice.

I think I need to print out all the manuals from now on /s

https://redd.it/1ojbw4l
@r_systemadmin
What a week

Hi guys

Just wanted to let you know about the crazy week I've had.

Last week, I started working at AWS as a Junior DevOps Engineer. I was working on a product called Route 53. I thought I'd be helpful and as soon as I got my GitHub login, I logged in that afternoon and saw some code that didn't make much sense, something about $configuration =, so I removed it and pushed my code.

For some reason that day Amazon fired me for no reason. Budget cuts I reckon.

Today I started my first day at Microsoft Azure working on their DNS system, got my GitHub login so obviously looked through the source code and found another piece of code that didn't make much sense. It said ENV file, no idea what it means, so I deleted it and pushed again.

Strangely the executive team at Microsoft has called me into the meeting first thing tomorrow morning. Think I'll be getting praise for my performance!

P.S. one thing I've noticed working at these big companies is that these office environments are crazy! Lots of people shouting and running around, especially in the afternoons.

https://redd.it/1oje0o0
@r_systemadmin
Are you actually seeing AI revolutionize your workplace, or has it mostly just been Copilot and crappy chatbots?

I keep seeing all these companies doing layoffs attributing it to needing less employees because of AI, but to be honest I don't believe it.

At least within my company, the most we have done is roll out Copilot and a crappy AI chatbot for our customer service chat. As far as I can tell, our employees are primarily using Copilot as a beefed up search engine to find old emails and video recordings, and our customers are attempting to bypass the AI chatbot to speak to a customer service rep, just like they have always done. Neither of these services have really moved the needle for us, other than now we're paying for these AI tools that we weren't paying for two years ago.

I have a strong suspicion that the vast majority of companies are in the same boat. Is anyone here actually seeing AI revolutionize their workplace, or are you seeing these tepid half measures that don't really accomplish much other than costing more money?

https://redd.it/1ojcpsa
@r_systemadmin
Emergency Help - entire domain inaccessible

Hello guys, we are fucked up, our entire domain is inaccessible - PLEASE HELP!

A colleague of mine tried to remove a child domain from the domain forest.

Our Setup:

croot.local is the root domain with two domain controllers on this root level
Four subdomains: childone.croot.local, childtwo.croot.local, childthree.croot.local, childfour.croot.local

A colleague of mine has successfully moved all Users and Groups from childfour.croot.local to childthree.croot.local and now wanted to demote/remove childfour.croot.local from the forest.

I have no idea which commands he has used. He has used chatgpt instructions only and was not supported by anyone else.

All clients, domain controllers and servers in the ENTIRE FOREST report:
The username or password is incorrect. Try again

Do you have any idea on how to get back into our system?

https://redd.it/1ojbifu
@r_systemadmin
Tired of your boss sending you messages that start with "But ChatGPT Said…"?

https://stopcitingai.com/

A simple static webpage, inspired by motherfuckingwebsite.com, comicsanscriminal.com, etc.

https://redd.it/1ojhjhj
@r_systemadmin
Thickheaded Thursday - October 30, 2025

Howdy, /r/sysadmin!

It's that time of the week, Thickheaded Thursday! This is a safe (mostly) judgement-free environment for all of your questions and stories, no matter how silly you think they are. Anybody can answer questions! My name is AutoModerator and I've taken over responsibility for posting these weekly threads so you don't have to worry about anything except your comments!

https://redd.it/1ojvk39
@r_systemadmin
Anti Rant - Some users are a joy to work with.

This isn't a Rant, but there is no Anti-Rant flair, so here it is.

I asked a user to come in for a support case; all is handled nice and easy without much hassle. He then asks about a different problem that he has been experiencing, something trivial that I decided to deal with on the spot because it took me only 45 seconds to apply the fix.

5 minutes later, he creates a ticket to say that the issue was solved by me and he just opened the ticket so we can track it on our side.

Aren't these users a joy to work with? Love to see it in the workplace.

https://redd.it/1ojwtv3
@r_systemadmin
Oldest Technology Still Kicking

I replaced a token ring network at a rural tractor repair place about 20 years ago, and even then it was way out of date. What’s the oldest tech you guys have seen still in use in a working company?

https://redd.it/1ojx6wu
@r_systemadmin
Does anyone else struggle with getting laptops back after employees leave from managers?

After one of the employees left, the manager asked for the physical laptop to get some files off of it. It's been months since then. After asking for it back, that manager responded with:

we are making slow progress and working through the information on the laptop. Timeline to finish the task is still unknown. Until unless there is a strong reason for the laptop to be returned, we may have to raise a continual request to keep the laptop until we have all the information needed. 

I don't think this is really appropriate since, first off, they don't need to have a strong reason to return assets that don't belong to that department.

What would y'all do in this case, or have done in the past? I have not yet responded to this email.

https://redd.it/1ojxape
@r_systemadmin
We're rolling out a time tracker to 500+ remote machines. What are the technical hitches I'm not thinking about?


Our company is standardizing on a single time tracking tool for all remote and hybrid employees, and the deployment has landed on my desk. The tool is Monitask, and I'm responsible for getting it onto about 500 machines.

My job isn't to debate the policy (it's a transparent rollout, all communicated by HR), but to make sure it doesn't become a technical dumpster fire.

I'm already planning for the obvious stuff: scripting the deployment via GPO/Intune, potential conflicts with our EDR, and testing for resource usage on older laptops.

For the sysadmins here who have had to deploy this kind of agent-based software at scale, what were the unexpected headaches I'm bound to run into? Any advice from the trenches would be a huge help.

https://redd.it/1oju7sz
@r_systemadmin
The Tragedy of LinkedIn...

A couple of weeks ago some poor soul posted up on LinkedIn that his Windows 11 installation went a bit askew and now he was locked out of his own damn computer. All he got when he turned it on was a screen asking for a BitLocker key. That is frustrating. So, he went to LinkedIn where all the "experts" hang out.

What happened next was eye-opening. While the poor b@stard needed some actionable advice on how to get back into his system, all he got was commentary. For example, the merits of BitLocker vs other encryption packages. The need for encryption on laptops. The importance of encryption for compliance. Difference between different versions of BitLocker. Whether BitLocker uses 128-bit or 256-bit... Just pure unadulterated BS.

If this person's house was on fire... there was not one person in the crowd taking a p!ss on the burning house. It was just talk. Stupid talk. Not one piece of actionable advice. I'm now thinking that if I were hiring someone in the morning, the last person on earth I would hire would be a LinkedIn commentator. Useless. Absolutely useless. Give me a do-er, not a LinkedIn commentator, any day... Rant /over

https://redd.it/1ok3lks
@r_systemadmin
Two of our company devices somehow ended up getting assigned the same random hostname by Windows

We just got a bunch of laptops in at another office - we don't have Intune set up, we just have someone go through OOBE and install NinjaOne (yes this is dumb, we're "working on it").

When I remoted in I noticed none of the scripts had run - then noticed the username on the Overview was different. Somehow, that machine had ended up with the same exact random hostname as a machine that had already been deployed. They're not even from the same batch - the other machine went out about 3 months ago. I'm absolutely baffled.

Screenshot of the two machines

https://redd.it/1ok3ncq
@r_systemadmin
M365 sprawl is getting out of hand

Our Teams setup has turned into the Wild West. Random groups, no naming rules, duplicate SharePoints.
We’re testing out some structure tools with Silicon Reef that help automate provisioning and cleanup.
Anyone else found a decent way to keep things organized without nuking everything?

https://redd.it/1ok10e8
@r_systemadmin
Is It Worth Taking a $25K Pay Cut for Better Work-Life Balance?

I'm deciding whether to stay in my 100k remote role with high workload or to take a 75k job with a 5 to 10 minute commute, that may or may not be better. In my current role, I manage 3–10 cloud migration projects at once, and my manager recently added a long list of goals: 80 hours of LinkedIn Learning (PowerShell + soft skills), a Google Workspace certification, writing a script, 6–15 migration improvements, 18–40 hours of provisioning tickets, and two presentations. Next year, the goals expand to include a Google Data Engineer certification, a 40-hour data course, and more improvements and tickets. These goals are rated on a weighted scale, so I don't have to achieve all of them, but do you still think these are unreachable?

I interviewed for another role that’s more cybersecurity-focused, working with Azure, AWS, and PKI/Certificate Authorities. It’s more specialized but pays less ($75K vs. $100K) and is in-person with government contracts, which might carry some layoff risk if projects slow down. My current job is remote but has had three layoffs in the past three years, so neither feels completely secure. I also feel like Google cloud migrations is very niche. Do you think I will get siloed into a service that not many people use when it seems like most applications I see focus on Azure?

I’m torn between staying remote or taking the lower-paying role for a potentially better work life balance although that's not guaranteed. I also don't know if I'll regret going back to working in person either. Do you think it’s worth the pay cut and commute, or should I stay put and keep looking for something better?

https://redd.it/1okahlo
@r_systemadmin
Court order for email from long deleted mailbox

I have been assigned the task of finding emails from an account that had its O365 license removed around 2 years ago. Obviously this thing is long gone and there is no email archive or backup that exists. Only solution available is to search through the other 700 or so email accounts looking for relevant emails from 5 years ago and hope I get lucky? I'll likely end up needing to testify about methods and why I was or was not successful.

I've had to do similar things in the past but I always had some kind of archive or the account still existed. What kind of tools would you use to find this off a hosted Exchange? I can buy tools if the price is reasonable and have global admin to the tenant for permissions.

https://redd.it/1okbhy8
@r_systemadmin