-
Home is where SSO works
Some people might already noticed, but during last year I setup keycloak for SSO to all services on my private setup. And to tell things as they are: It’s awesome. You open your browser, as always it deleted all cookies. I open my Mastodon instance, click on login, enter my password and click on my YubiKey. Logged in. …
-
Privacy for SSH
SSH is probably one of the most used protocols world-wide and daily used by developers and administrators. But have you ever thought about what your SSH connection might tells about you? …
-
Manage Firefox on Fedora
When you run Firefox in an enterprise environment, you are for sure interested in deploying your settings and not rely on the defaults. This whole topic got even more important with the deployment of DNS over HTTPS (DoH) in Firefox. …
-
Why for Matrix TOFU is not an option yet
When you stay around the support channels of Matrix, you’ll come across a lot of people asking why end-to-end-encryption (E2EE) is so complicated in Matrix or more explicit in Riot and why you have to verify each and every device of each and every member of a room. In order to get a properly trustable, encrypted room. …
-
Updating the UEFI/BIOS of a Lenovo t450s using Fedora
A year ago, my Lenovo X1 Carbon running Fedora was greeting me with firmware updates for the first time, using fwupd, an awesome service for integrated firmware updates on Linux. A service that the Linux community was lacking for way too long and probably due to it’s absence causes millions of Linux setups to be vulnerable to firmware flaws of unpatched hardware running underneath the system.1 The one I installed fixed 3 CVEs from 2018 (CVE-2018-12126, CVE-2018-12127, and CVE-2018-12130) ↩ …
-
How to create an LUKS-encrypted external device on Linux
Nowadays you shouldn’t leave any data on a disk unencrypted. Therefore creating an encrypted external hard drive is considered good practice to store your data, system backups and more. …
-
Atom plugin "gitlab-integration" leaks your tokens
After waiting 90 days for the developer to answer or fix it, it’s time to inform the public. …