Salt [1] is not only useful for configuration management or infrastructure automation in general but also a flexible platform to build your own specialized solutions on top. This blog post shows how easy it is to leverage Salt from within your own Python code and how it helped us to simplify and enhance a complex deployment process based on Xen-Hypervisors [5] and virtual machines.
When Docker was released it felt like a revelation to developers and admins. For the first time a user space utility combined some old but very nifty kernel features in an easy-to-use package. But after some time, weaknesses of the Docker architecture were observed and alternatives to it emerged. In this article, we take a quick look at one of these alternatives and showcase its use with a popular internal use case at B1 Systems.
Larger companies have a big network with different network segments. Often they have active components like routers and firewalls inside the network to avoid bad traffic and unauthorized connections. If you now like to implement a new (open source) software, which needs a connection to another server, you have to ensure that the connection is possible. You have two options for solving this problem. We’ll look into both of them.
In a previous blogpost we learned how to use git and bash aliases and also use bash completion. Another nifty feature is showing some git information in your bash prompt. This blogpost will show you how.
If you are like me, you will likely work on several different projects on a daily basis – and all of them will be stored in git.
Sure, git is easy to use. But typing the same set of commands multiple times, every day, can be quite annoying. Fortunately, using bash and git together allows to create some user-defined shortcuts.
Videokonferenzen erfreuen sich gerade in Coronazeiten großer Beliebtheit, passen aber auch so ins 21. Jahrhundert, in dem Meetings auch online abgehalten werden können. Die Open Source Videokonferenzplattform BigBlueButton zeigt, wie dies auch mit eigenem Hosting unabhängig und datenschutzkonform möglich ist.
Universal Second Factor (U2F) devices were invented as a second factor for websites using two factor authentication. The website sends a challenge, the U2F device responds if its button is pressed. A small LED starts blinking, you press your button and thus confirm the usage.
But you cannot only use U2F devices for websites. Using PAM’s pam_u2f module, you can plug it into any service that uses PAM. This was described in my previous article.
If you want to use your U2F device to unlock your running session, you need to treat it like a key. So, when you leave your desk to grab a cup of coffee, you need to take your key with you. You should of course lock your screen when you leave your desk, too. But wait – couldn’t you combine these steps? Lock your screen by removing your U2F device?
Inspired by a recent article series in the German magazin c’t (1, 2, 3), I got my hands on two simple U2F devices to find out if their usage might help my work pattern.
Imagine sitting in public transportation and having to retype your (root) password for each and every sudo call you issue. Imagine having to retype your password each time your screen lock engages. Imagine just having to touch a small button on a USB device instead.