So, maybe you’ve heard about the Musk take-over of twitter, and maybe you’ve heard about the mass exodus of a large number of users from the old platform. Personally I try not to knee-jerk react to things like this but I haven’t been exceedingly active on twitter lately. I have also long had an interest…
What My Family Thinks I Do For a Living
Note: This was originally written for Red Hat’s Enable Sysadmin Blog, https://www.redhat.com/sysadmin The job title “System Administrator” is sometimes vague within the industry. Some sysadmins are responsible for a wide swath of devices, from desktops, to servers, to printers, to air conditioning units. So, sometimes when you tell another IT professional that you’re a sysadmin,…
How to Validate Security by Scanning All The Things
Note: This article was originally published on Red Hat’s Enable Sysadmin blog, https://www.redhat.com/sysadmin In parts one and two of this series, I walked you through hardening your system by identifying unneeded services, then segmenting and firewalling. Now that you’re all locked down, let’s talk about how we might validate that all of that hard work…
Defense in Depth
Note: This was originally posted on Red Hat’s Enable Sysadmin blog. https://www.redhat.com/sysadmin This is the next step in my series on hardening and network security. Please check out the previous article on Lowering your Attack Surface by Disabling Unnecessary Services. Flat Networks There was a time when all networks were flat. A flat network is…
Locking down sshd
SSH, or Secure SHell, is the way in which a modern linux system is managed. Most experienced sysadmins love the direct access and power they get from being able to securely connect to a shell on their systems with relative ease. SSH replaced Telnet somewhere in the 90’s as the remote access protocol of choice,…
RHEL 8 Beta – The podman cometh
I’m working through poking the RHEL8 beta with a pointy stick. In reading through the release notes, and poking around yum, I found that docker is suspiciously missing. For a company so bent on Open Containers, I thought that was pretty odd. So I started to dig a bit. Turns out, containers aren’t gone, just…
Installing the proprietary NVIDIA drivers on Fedora 29
Check out the rest of this story here, if you’re looking for the full tale of woe. This is the final article in my story regarding start to finish, getting my Dell Inspiron from a fresh install of Fedora 29, to a functional laptop. It wasn’t easy. Mostly thanks to the NVIDIA 960M that the…
Fedora 29 – Discrete NVIDIA – Boot troubles
In my third article in this series, I’m going to talk a bit about the failure case I hit after installing Fedora 29 on my laptop, and how I was able to get to a command line to fix it. You can read the story up to this point in this article. To sum up…
Adding a local user, in Fedora 29’s Live environment
As I wrote in this article, I’ve recently gone through some trouble with Fedora 29 and my laptop. The first issue I ran into was, the installer, when launched from the LiveUSB for F29, doesn’t create a local user, or let you set roots password. So, the first step I had to take in fixing…
Discrete video adapters, in Fedora 29, you poor doomed soul
OK, so something posessed me to reinstall my perfectly functional Dell Inspiron 7559 with an Nvidia discrete 960m display adapter. I’ve been through this a few times, and every time it’s been a hassle. The Fedora project has made some changes recently that have made it even trickier. I just went through a fresh install,…