Linux

Virtualized Linux guest in FreeNAS 9.10 using iohyve

During the day I'm a manager of one of the greatest security teams on the planet (in my biased estimation), but at night (and random times throughout the day), I'm a sysadmin tinkerer. There's just something about goofing off with operating systems that appeals to me; this is likely what caused me to devote five years of my life to working on Annvix back in the day.

I've been running a local IPA install ...

Read More

Life

Replaced GPG Key

Quick note to indicate that I've revoked my old GPG key (key id 0x94BE833CE8B86CAB) and replaced it with my new one (key id 0xBD51CB9670DF9DE7). My new key's fingerprint is:

1810 81E8 178E 4692 03F6 BFD0 BD51 CB96 70DF 9DE7

and it is signed with the old (revoked) key. You can download the key directly from me or from pgp.mit.edu which is where you can also see the old key is revoked.

Read More

macOS

Figuring out GPG, SSH and U2F with YubiKey 4

You know your wife is a keeper when she gets you a YubiKey 4 for your birthday! I was really excited about this YubiKey because of its support for storing your GPG private keys and also for an SSH private key, in addition to the U2F (Universal 2nd Factor) support. I've been using earlier versions of the YubiKey for OTP (one-time password) and U2F, but the new version was especially interesting to me because of ...

Read More

Life

2016: A Retrospective

I've been spending a lot of time thinking about this past year and all of its challenges and accomplishments, the moments of growth and clarity, the opportunities taken and the opportunities missed. I'm not one to get deeply personal in public, and won't get into a lot of the nitty gritty as I write this, but the end of a year is an opportunity to look back and do some self-reflection. I'm a ...

Read More

Linux

Using GitLab CI to deploy to remote host over ssh

I've been using GitLab for a while now and I really like it. I can't objectively say whether it's better than GitHub or not (I have a few projects on GitHub but I rarely make any changes to them and even more rarely use the web UI), but one of the things I appreciate about GitLab is the fact that I can run my own copy of it and store my own stuff in ...

Read More

Linux

Countdown to SHA1-based HTTPS Doom

So it's been noted in a few places that 2017 is the year that SHA1 for HTTPS is doomed. Microsoft has deprecated SHA1 in Edge and Internet Explorer browsers and in February 2017 will be blocking them entirely. Google is doing the same thing with Chrome starting January 2017, as is Firefox.

Most sites today don't use SHA1-based SSL certificates (which is good) and there are sites you can go ...

Read More

Linux

Periodic security reviews (and a bit of a rant)

Today marks one month that my "work time" is 100% devoted to Red Hat; last month I "retired" from any of the IT/web work for my church that I've been doing for the last 12 or so years. It's been an interesting month being able to spend time on things that I want to spend on outside of regular Red Hat work hours. =) My rediscovered and available time has been spent ...

Read More

Christianity

Consumer Christianity

Today we held a "Ministry Fair" at the church that serves to highlight the many ministries within our church as a way to highlight the sorts of things we do and also to allow others to volunteer and serve in particular areas where we have need. As I stood at my station, I began to think about the church and why I, with my family, attend and serve... and it caused some interesting reflection ...

Read More

Linux

Replacing a FreeNAS drive

I was on holidays a few weeks ago and decided to replace an aging Mac Pro that I had been using as a Plex server with a new FreeNAS box, since I could run a jail with Plex. So I used the four 3TB WD Red drives in the Mac Pro with another two new similar drives to construct a new FreeNAS box.

Of course, the problem with those four drives I used as a ...

Read More