Ubuntu

So I wrote this a few years ago for Ubuntu and it’s pretty useful, so I ported it over from my old blog. I have performed this configuration for Arch Linux as well and frankly I should write a blog about it, because it was a little fiddly. Anyway here’s the old blog. So one thing I really appreciate about Yubikeys is that they force the issue of security. They are a discrete, physical second factor. Don’t have your Yubikey? Good luck getting on to the system. This isn’t to say that somehow the Yubikey (Or similar, U2F-capable devices) will secure everything under the sun, and let’s be real there are always going to be side channel attacks, but the point of any endeavor in security is to delay a sufficiently motivated attacker until they A.) Get caught, or B.) Lose motivation. Traditionally, setting up second factor authentication on end-user boxes has been a bit of a pain, requiring an agent (Such as the old Windows Yubico agent that relied on a HMAC challenge-response setup) some other sort of implementation. Because of the nature of PAM this ties right in, and because it’s using FIDO2 it should be good to use for the foreseeable future. ...

So I’ve ported this article over because it was unironically one of my most popular articles. I guess people really like VNC, which is a mess. Given that Wayland is supposed to be coming back as the “real” default of Ubuntu soon I should revisit this. So in setting up Ubuntu 17.10 on a remote server, you might naturally wish to set up VNC on your box because let’s face it, monitor connectivity is at a premium and command-line wizardry, while amazing, isn’t the best way to go for everyone. ...

I wrote a bunch of blogs about SSSD that people might find useful during my tenure at IDMWorks. The unfortunate and hilarious thing about link rot is that resources that were made years ago no longer exist because knowledge no longer trends. Here are those articles as archived by the Wayback machine. https://web.archive.org/web/20210728083720/https://www.idmworks.com/iam-technology/linux-sudoer-mgmt-part-1/ https://web.archive.org/web/20211026212830/https://www.idmworks.com/iam-technology/linux-sudoer-mgmt-part-2/ https://web.archive.org/web/20220128123900/https://www.idmworks.com/iam-technology/linux-sudoer-mgmt-part-3/ https://web.archive.org/web/20211028182020/https://www.idmworks.com/apps-for-enterprise/ubuntu-netplan/ For a time after I left IDMWorks, the articles were noted to have been written written by “Christine B.”, who I presume worked content management for IDMWorks in porting over to a new system. ...