Writings

For years, I’ve relied on SSH as the gateway into my LAN from the outside world.

This post is an overview on how I setup this site (built using Hugo) to be automatically deployed to my Caddy server using Gitlab’s continuous deployment.

I’m setting up a new Ubuntu 18.04 server and wanted the drives to be encrypted. Since the machine is headless in my basement, however, entering a password on boot is annoying.

We used to run a development blog for work. We wanted:

1. To use NGINX to host this content. It was all static pages.
2. To limit access to people within our network, or to employees while outside the network (phones, laptops, etc.).
3. We didn’t want to deal with user accounts, active directory, etc.
4. We wanted super low friction for users.

Yubico just announced the new YubiKey 5 and of course I needed to buy one!

I’m a huge fan of QubesOS. Here are some slides from an internal company presentation trying to inflict QubesOS on my coworkers.

My boys are in Boy Scouts and the annual Kub Kar races are a fun part of the program.

I use SSH daily (with SSH keys) and would like to use GPG routinely (if only people I conversed with would use it) but key management is always a problem.

I think that using the Yubikey for authentication is worthwhile.

OpenBSD includes out-of-the-box support for login via.