My Profile Photo

Sheogorath's Blog


Depending on the time of the day a friend, a colleague, a wise guy. The beauty of the world is its sense of humor to show humans their way by letting them search their own.


  1. Home is where SSO works

    Some people might already noticed, but during last year I setup keycloak for SSO to all services on my private setup. And to tell things as they are: It’s awesome. You open your browser, as always it deleted all cookies. I open my Mastodon instance, click on login, enter my password and click on my YubiKey. Logged in. …


  2. Privacy for SSH

    SSH is probably one of the most used protocols world-wide and daily used by developers and administrators. But have you ever thought about what your SSH connection might tells about you? …


  3. Manage Firefox on Fedora

    When you run Firefox in an enterprise environment, you are for sure interested in deploying your settings and not rely on the defaults. This whole topic got even more important with the deployment of DNS over HTTPS (DoH) in Firefox. …


  4. Why for Matrix TOFU is not an option yet

    When you stay around the support channels of Matrix, you’ll come across a lot of people asking why end-to-end-encryption (E2EE) is so complicated in Matrix or more explicit in Riot and why you have to verify each and every device of each and every member of a room. In order to get a properly trustable, encrypted room. …


  5. Updating the UEFI/BIOS of a Lenovo t450s using Fedora

    A year ago, my Lenovo X1 Carbon running Fedora was greeting me with firmware updates for the first time, using fwupd, an awesome service for integrated firmware updates on Linux. A service that the Linux community was lacking for way too long and probably due to it’s absence causes millions of Linux setups to be vulnerable to firmware flaws of unpatched hardware running underneath the system.1 The one I installed fixed 3 CVEs from 2018 (CVE-2018-12126, CVE-2018-12127, and CVE-2018-12130) ↩ …


  6. How to create an LUKS-encrypted external device on Linux

    Nowadays you shouldn’t leave any data on a disk unencrypted. Therefore creating an encrypted external hard drive is considered good practice to store your data, system backups and more. …


  7. Atom plugin "gitlab-integration" leaks your tokens

    After waiting 90 days for the developer to answer or fix it, it’s time to inform the public. …