Posts in category "security"

Typing passwords every time you SSH into a Proxmox node gets old fast — especially with a six-node cluster. Here's how to set up SSH key authentication and an SSH config so you can just type 'ssh harlan' and be in.

Dependabot misses Python pip security issues that pip-audit catches. Here's a GitHub Actions workflow that audits dependencies automatically without requiring pinned versions.

ISC2 Cybersecurity Certificate (CC) offered for free through the end of 2024 is a nice opportunity to add some skills for people interested in Information Security. The offer includes a full set of online self-paced training materials along with a voucher for taking the certification. No professional experience is required to take and receive this certification. You do have to register with ISC2 for their yearly membership, called an Annual Maintenance Fee (AMF) at $50 USD, but only after you pass the certification. That is a reasonable price to join a professional organization and to get tracked into a future path for the professional certification like the SSCP, CCSP, and CISSP.

I’m live with the Lets Encrypt certificates for the blog.mcgarrah.org website. This has been awhile in the making and I’m kind of excited. I’m on a legacy environment with Ubuntu 12.04 LTS so part of the process is manual but certificate update just happens nicely. Updating the Apache config files has a little bit of effort but nothing too bad.

I’m beginning to setup enough infrastructure that a wildcard certificate would be nice but I’m uninterested in paying several hundred dollars a year for that certificate. The free certs that used to be around just are not there anymore so far as I can see. My goal is to setup SSL certificates for both my email server and all the virtual host web sites I’m hosting under my mcgarrah.org domain for less than a hundred dollars a year.