S4E0: "Telling Secrets"
Posted
Modified
Comments
0
| Previous Episode | Next Episode |
|---|---|
| S3E22: "Shitshow IV: the Return of the Shitshow" | S4E1: "Measuring Success" |
| Recorded (UTC) | Aired (UTC) | Editor |
|---|---|---|
| 2019-02-07 03:30:26 | 2019-02-17 18:54:56 | "Edita" |
| Format | SHA256 | GPG | Audio File |
|---|---|---|---|
| MP3 | 3738b178b86e3714b4a00ca5310383c71d65f8128df8c97f8f44651c9e1d1a20 | click | click | OGG | 434ac40f2c0a45b2dc9a149d592d40ffef9d9f2122acc96e512f2b4a19b182ac | click | click |
With this episode, we kick off our fifth season, season 4! (Because you always, always count from 0.)
Just the Tip
- Paden talks about rm.
- Please be sure to see the errata!
rm -rf /*will absolutely toast your install, I think Paden was talking aboutrm -rf /.
- Please be sure to see the errata!
Notes
Starts at 14m37s.
I was drinking nothing. Paden was drinking Glenmorangie Original. Jthan was drinking Miller Lite.
- If you have a central SSH-based management server and want a way to manage remote Let’s Encrypt certificates (without using DNS challenges), check out certbot-ssh.
- Password management
- We’ve talked about the standard UNIX password manager (here, here, here, here, and here)
- KeePass is actually not too bad (but make sure you see the errata).
- When we had a Radio Statler segment at HOPE with Johnny Xmas and Deviant Ollam, and/or had Johnny and Daryl on the show, the topic of 2FA/MFA came up and that it is probably the biggest step a regular user can take to secure themselves.
- I talk about Vault a fair bit.
- We talk a bit about password management “at scale”.
- We talk about “becoming” a user in S3E21.
- We talk about BYOD in S1E3.
- 2FA
- A commonly missed factor for possible 2FA is a third-party human reviewer.
- Jthan’s been really getting into Yubico’s YubiKey.
15 Clams
In this segment, Jthan shares with you a little slice of life. The title is a reference to this video. (2m16s in)
Starts at 55m51s.
One of your clams is Jthan doing a dramatic, high-tension reading of top.
Errata
- One of our listeners (thanks, Nosbig!) alerted to us that just a couple days after this episode dropped, some flaws were discovered in KeePass (and other password managers). It’s still fairly safe, but make sure you read the discovery in full!
- Paden recommends this podcast as an alternative to our now-defunct News segment.
- I said “password-hyphen-store.org” – but there’s no hyphen in the domain. Oops!
- Linode does indeed have 2FA for their manager login, but it has to be configured from the “classic”/“legacy” manager login.
- There are indeed RFCs for RFCs:
- Correction:
rm -rf /*does indeed still work (andrm -rf /indeed does not):
[root@test ~]# rm -rf / rm: it is dangerous to operate recursively on '/' rm: use --no-preserve-root to override this failsafe [root@test ~]# rm -rf /* <REALLY BAD STUFF HERE>
Music
| Track | Title | Artist | Link | Copyright/License |
|---|---|---|---|---|
| Intro | upward glance | Dee Yan-Key | click | CC-BY-NC-SA 4.0 | Outro | Automat 1.1 | TERROR COUPLE | click | CC-BY-NC-SA 3.0 |
Author
r00t^2
Categories
Season Four
Comments
There are currently no comments on this article.
Comment...