Linux
Gatekeeper Script for SSH
The gatekeeper pattern adds a post-authentication challenge to SSH sessions using ForceCommand. The concept was inspired by a scene in a movie where a system …
Bind
Ports and Protocols: A DNS server needs to be reachable by clients. The following ports are relevant for a BIND deployment: Port Protocol Direction Description 53 …
GPG Process Notes
These are my working notes on GnuPG key management, smartcard workflows, and related operational practices. This covers everything from initial key creation …
Yubikey
The YubiKey 5 …
Syslog-NG
Syslog-NG is a fast, reliable, and secure syslog daemon that can do advanced processing and log centralization while maintaining a sane configuration file …
Secure Boot on Older and Unstable Motherboards
Recently I found my desktop motherboard was vulnerable to booting malicious payloads due to the use of a developer reference key in production firmware. I have a …
Podman Socket Compatibility for Docker Tools
While using a tool that unexpectedly was running part of its build using the Docker daemon on Linux, I needed to quickly come up with a workaround. Most Linux …
Logical Volume in Use
While attempting to automate some filesystem creation that involved LVM, I kept running into an issue occasionally with something holding open the logical volumes. I …
Extracting Dracut Built initramfs
It's been a hot second since I've dived into the lands of initramfs and as is the way of things, it has gotten a tad more complicated. The simple way that used …