Wandering Thoughts archives

2025-07-06: The easiest way to interact with programs is to run them in terminals
2025-07-02: On sysadmins (not) changing (OpenSSL) cipher suite strings
2025-06-28: A new little shell script to improve my desktop environment
2025-06-21: My pragmatic view on virtual screens versus window groups
2025-06-09: Potential issues in running your own identity provider
2025-06-08: Thinking about facets of (cloud) identity providers
2025-06-03: I have divided (and partly uninformed) views on OpenTelemetry
2025-06-02: Things are different between system and application monitoring
2025-05-28: Our Grafana and Loki installs have quietly become 'legacy software' here
2025-05-20: The five platforms we have to cover when planning systems
2025-05-14: Two broad approaches to having Multi-Factor Authentication everywhere
2025-05-12: Our need for re-provisioning support in mesh networks (and elsewhere)
2025-05-10: Using WireGuard seriously as a mesh network needs a provisioning system
2025-05-07: Chosing between "it works for now" and "it works in the long term"
2025-05-01: The complexity of mixing mesh networking and routes to subnets
2025-04-19: Tailscale's surprising interaction of DNS settings and 'exit nodes'
2025-04-11: How I install personal versions of programs (on Unix)
2025-04-06: Sorting out the ordering of OpenSSH configuration directives
2025-04-02: The order of files in /etc/ssh/sshd_config.d/ matters (and may surprise you)
2025-03-30: Our simple view of 'identity' for our (Unix) accounts
2025-03-29: Using SimpleSAMLphp to set up an identity provider with Duo support
2025-03-27: US sanctions and your VPN (and certain big US-based cloud providers)
2025-03-26: Three ways I know of to authenticate SSH connections with OIDC tokens
2025-03-14: Some notes on configuring Dovecot to authenticate via OIDC/OAuth2
2025-03-09: How I got my nose rubbed in my screens having 'bad' areas for me
2025-03-05: A Prometheus gotcha with alerts based on counting things
2025-03-04: What SimpleSAMLphp's core:AttributeAlter does with creating new attributes
2025-03-03: If you get the chance, always run more extra network fiber cabling
2025-02-25: MFA's "push notification" authentication method can be easier to integrate
2025-02-23: JSON has become today's machine-readable output format (on Unix)
2025-02-20: It's good to have offline contact information for your upstream networking
2025-02-19: Shared (Unix) hosting and the problem of managing resource limits
2025-02-18: One problem with "shared Unix hosting" was the lack of resource limits
2025-02-12: How you should respond to authentication failures isn't universal
2025-02-10: Everything should be able to ratelimit sources of authentication failures
2025-02-04: The practical (Unix) problems with .cache and its friends
2025-01-31: Modern languages and bad packaging outcomes at scale
2025-01-30: The tradeoffs of having an internal unauthenticated SMTP server
2025-01-23: Sometimes you need to (or have to) run old binaries of programs
2025-01-18: Some ways to restrict who can log in via OpenSSH and how they authenticate
2025-01-17: Thoughts on having SSH allow password authentication from the Internet
2025-01-14: My bug reports are mostly done for work these days
2025-01-11: IMAP clients can vary in their reactions to IMAP errors
2025-01-08: Using tcpdump to see only incoming or outgoing traffic
(Previous year)
By month for 2025: Jan Feb Mar Apr May Jun Jul; before 2025.

These are my WanderingThoughts
(About the blog)

Full index of entries
Recent comments

This is part of CSpace, and is written by ChrisSiebenmann.
Mastodon: @cks
Twitter @thatcks

* * *

Categories: links, linux, programming, python, snark, solaris, spam, sysadmin, tech, unix, web
Also: (Sub)topics

This is a DWiki.
GettingAround
(Help)

Search:
Page tools: See As Normal.
Search:
Login: Password:
This dinky wiki is brought to you by the Insane Hackers Guild, Python sub-branch.