Maybe I should have taken a vacation sooner... now it's cool and rainy
Still using RSA for OpenSSH authentication?
You should read: https://latacora.singles/2018/08/03/the-default-openssh.html
tl;dr: OpenSSH uses by default the md5 hash of your password to encrypt the id_rsa private key.
Good news, you can fix it by running this command (with -o it uses the improved key-format):
ssh-keygen -o -p -f ~/.ssh/id_rsa
Or even better, generate a new ed25519 key (they use the improved key-format by default):
ssh-keygen -t ed25519
Thanks @amenthes for pointing me to the article!
A cow peed on my car this morning.
While I was driving down the highway.
How's your day going?
Maybe it’s because I’m less than a day in — but the user interface of *everything* around Mastodon and the client apps I’ve tried is not good. I’m constantly confused.
I’m really hoping for the Tweetbot and Twitterrific of Mastodon to appear. With a Mac app too — that supports multiple accounts (because I use multiple accounts).
watching a developer get frustrated with a security feature of an OS he doesn't use and ask how to disable all security instead of learning how the feature works. 😞
closed the tab and now it's working again. wonder what broke.
Neat. can no longer scroll in mastodon. all the other tabs in Safari scroll just fine. not this one
TFW you get an email from a security company you like and they're all "Cisco is acquiring". oh no.
Wanted to read a Peerlyst article which required me to sign up. Okay, sure. Three tries before my password manager could generate a password that the site liked. "One special character" should be identifying which special characters it likes.
Monday morning. Digging through database logs to find a random error from the weekend... only 18 million rows of data
Need a filter tool for mssql trace files
Jerry rigged an antenna out of old speaker wire for this am radio. Thinking size of the loop and length of the wire is important.
wouldn't be so bad if he was part of the call in the first place.
need to learn how to think about OPSEC in an open office. coworker is repeatedly using information I give over the phone to ask me questions.
I think it’s time to show my kids just how much network knowledge I have. Had to unplug the router twice to get their attention. Going to automate that with voice commands.
Disconnect thing one now.
Going into the app you get one further question: Why? Choices are "this is a fraudulent authentication" or "I hit this by mistake".
The logging is fascinating... if I decline Duo auth without actually going to the app, it gets recorded as denied by mistake. Nope, pretty sure I declined it on purpose. If I fail to notice the request at all, it's accidental decline by mistake. Fair, I'll accept that one.
Oh hey, somebody is trying to break into one of my servers. Duo keeps prompting me for authentication. Pretty sure I'm not at that source address.
A Mastodon instance for info/cyber security-minded people.