Dan Langille's Other Diary

He has another, more popular, diary. This one is more general.

Security

  • Today I faced the first consequences of my TXT & Let’s Encrypt strict policy
  • Creating a very specific TXT only nsupdate connection for Let’s Encrypt
  • ssh with 2FA
  • Which hosts have this vuln package installed? SamDrucker knows.
  • scripts for monitoring vulns in FreeBSD jails
  • ACME domain alias mode
  • Using mtqq to create a notification network: mosquitto, mqttwarn, hare, and hared
  • No more certificate fingerprints – only sasl auth instead
  • Postfix suddenly starts rejecting email it had been accepting
  • Getting acme.sh to renew certs via cronjob on FreeBSD
  • subversion via ssh passphrase-less key
  • cert-puller: using anvil to pull down & install new certificates, then restart services
  • anvil – copying the certificates to the website
  • cert-shifter: copying certificates from acme.sh to a fresh directory
  • Introducing anvil – Tools for distributing ssl certificates
  • When mv can’t mv – Let’s Encrypt
  • acme.sh: getting free SSL certificates – installation configuration on FreeBSD
  • Did your system tell you about security updates?
  • mail.app on Apple OSX and IOS fail when connecting to 4096-bit StartCOM certificates

Like what we do?

As an Amazon Associate I earn from qualifying purchases.

Want a good read? Please try:
FreeBSD Mastery: Jails (IT Mastery Book 15)

My Websites

  • BSDCan
  • DVL Software Limited
  • FreshPorts
  • FreshSource
  • langille.org
  • PGCon
  • The FreeBSD Diary
  • The Racing System
  • unixathome.org

Search

Categories

Backups Bacula beadm BSDCan Conferences cvsup DELL DHCP Disks DNS ezjail File Systems FreeBSD freebsd-update FreshPorts ftp General hardware iocage IP Filter Jails Kernels Let's Encrypt Mail Mailing Lists Mountain Bikes Moving to PA Nagios named Network monitoring Networks Non-related topics Open Source OpenVPN Opteron Pentabarf PGCon Postfix PostgreSQL poudriere R720 Security ssh WordPress ZFS

Recent Comments

  • Dan Langille on Converting an iocage jail to a vanilla jail
  • Race Boyer on Converting an iocage jail to a vanilla jail
  • Michael Hurley on Eaton ePDU Auth Algorithm & Crypto Algorithm for SNMPv3 Configuration
  • Dan Langille on Eaton ePDU Auth Algorithm & Crypto Algorithm for SNMPv3 Configuration
  • Michael Hurley on Eaton ePDU Auth Algorithm & Crypto Algorithm for SNMPv3 Configuration

Archives

Follow Me

Twitter
© 2005-2019 Dan Langille Suffusion theme by Sayontan Sinha