Tag: howto

  1. Automating deployment of Let's Encrypt certificates.

    08 January 2018

    A couple of weeks back, somebody I know asked me how I went about deploying SSL certificates from the Let's Encrypt project across all of my stuff.  Without going into too much detail about what SSL and TLS are (but here's a good introduction to them), the Let's Encrypt project will issue SSL certificates to anyone who wants one, provided that they can prove somehow that they control what they're cutting a certificate for.  You can't use Let's Encrypt to generate a certificate for google.com because they'd try to communicate with the server (there isn't any such thing but …

    Read more...

  2. Quick and easy SSH key installation.

    28 December 2017

    I know I haven't posted much this month.  The holiday season is in full effect and life, as I'm sure you know, has been crazy.  I wanted to take the time to throw a quick tip up that I just found out about which, if nothing else, will make it easier to get up and running on a Raspberry Pi that you've received as a gift.  Here's the situation:

    You have a new account on a machine that you want to SSH into easily.  So, you want to quickly and easily transfer over one or more of your SSH public …

    Read more...

  3. Administering servers over Tor using Ansible.

    08 December 2017

    Difficulty rating: 8.  Highly specific use case, highly specific setup, assumes that you know what these tools are already.

    Let's assume that you have a couple of servers that you can SSH into over Tor as hidden services.

    Let's assume that your management workstation has SSH, the Tor Browser Bundle and Ansible installed.  Ansible does all over its work over an SSH connection, so there's no agent to install on any of your servers.

    Let's assume that you only use SSH public key authentication to log into those servers.  Password authentication is disabled with the directive PasswordAuthentication no in the …

    Read more...

  4. Keybase and Git.

    29 November 2017

    A couple of weeks ago a new release of the Keybase software package came out, and this one included as one of its new features support for natively hosting Git repositories.  This doesn't seem like it's very useful for most people, and it might really only be useful to coders, but it's a handy enough service that I think it's worth a quick tutorial.  Prior to that feature release something in the structure of the Keybase filesystem made it unsuitable for storing anything but static copies of Git repositories (I don't know exactly waht), but they've now made Git a …

    Read more...

  5. Cleaning up Firefox... somewhat.

    08 September 2017

    Chances are you're running one of two major web browsers on the desktop to read my website - Firefox or Google's Chrome.

    Chrome isn't bad; I have to use it at work (it's the only browser we're allowed to have, enforced centrally).  In point of fact, I'd have switched to it a long time ago if it wasn't for one thing.  I make heavy use of a plugin for Firefox called Scrapbook Plus, which make it possible to take a full snapshot of a web page and store it locally so that it can be read offline, annotated, and full-text searched …

    Read more...

  6. Keybase, font sizes, and screen resolution.

    14 August 2017

    Some time ago I wrote an article about what Keybase is and what it's good for.  I also mentioned one of my pet peeves, which is that, by default the fonts used by the Keybase desktop client are way, way too small to see easily on Windbringer.  A couple of days ago somebody finally figured out how to blow up the fonts on the desktop, so I can finally see what's going on without putting my nose on the display (and making the mouse cursor jump around because Windbringer has a touchscreen).  While I wish that this would be a …

    Read more...

  7. Restarting a Screen session without manual intervention.

    15 June 2017

    EDIT - 20171011 - Added a bit about getting real login shells inside of this Screen session, which fixes a remarkable number of bugs.  Also cleaned up formatting a bit.

    To keep the complexity of parts of my exocortex down I've opted to not separate everything into larger chunks using popular technologies these days, such as Linux containers (though I did Dockerize the XMPP bridge as an experiment) because there are already quite a few moving parts, and increasing complexity does not make for a more secure or stable system.  However, this brings up a valid and important question, which is "How …

    Read more...

  8. Notes on using the Kryoflux DiskTool utility to make archival images of floppy disks.

    01 June 2017

    Some time ago, I found myself using a Kryoflux interface and a couple of old floppy drives that had been kicking around in my workshop for a while to rip disk images of a colleague's floppy disk collection.  It took me a day or two of screwing around to figure out how to use the Kryoflux's software to make it do what I wanted.  Of course, I took notes along the way so that I would have something to refer back to later.  Recently, I decided that it would probably be helpful to people if I put those notes online …

    Read more...

  9. Website file integrity monitoring on the cheap.

    30 May 2017

    A persistent risk of websites is the possibility of somebody finding a vulnerability in the CMS and backdooring the code so that commands and code can be executed remotely.  At the very least it means that somebody can poke around in the directory structure of the site without being noticed.  At worst it would seem that the sky's the limit.  In the past, I've seen cocktails of browser exploits injected remotely into the site's theme that try to pop everybody who visits the site, but that is by no means the nastiest thing that somebody could do.  This begs the …

    Read more...

  10. Getting stuck upgrading Bolt and what to do about it.

    08 May 2017

    UPDATE - 20170512 - More SQL surgery.

    So, as you've no doubt noticed I've been running the Bolt CMS to power my website for a while now.  I've also mentioned once or twice that I've found it to be something of a finicky beast and doing anything major to it can be something of an adventure.  I tried to upgrade my site last week (tonight, by the datestamp on this post) and had to restore from backup yet again because something went sideways.  That something was the upgrade process going wrong and throwing an exception because of something in the cache directory …

    Read more...

6 / 10