whatsdoom.com

Updating the Expiration Date of a GPG key

DateReadtime 5 minutes Series Part 2 of Getting Started with GPG Tags

I use gpg to sign my git tags and recently I had an issue where signing failed. Something like:

$ git tag -m "1.5.0" v1.5.0
error: gpg failed to sign the data
error: unable to sign the tag

And after some debugging I discovered that my subkeys …

more ...

Platform based dependencies in poetry

DateReadtime 1 minutes Tags

Problem

I have a small django project that I develop on both linux and mac. I deploy this project using the alpine version of the python docker image.

Originally, I had installed the psycopg2-binary package on my mac for local development, but once started to package up the app, I …

more ...

Docker Compose Log File Settings

DateReadtime 1 minutes Tags

The Problem

I recently connected to a remote machines and found a disk space warning.

In order to diagnose the cause of the disk space issue, I used a neat tool called ncdu (NCurses Disk Usage).

sudo ncdu /

Using the excellent interface, I was able to trace the issue to …

more ...

SSH Certificates with step-ca

DateReadtime 4 minutes Series Part 2 of Step CA tools Tags
ca / tls / ssh

Installation

Follow instructions on the previous post or the step readme

Setup

Create required root and SSH signing keys:

$ step ca init --ssh
✔ What would you like to name your new PKI? (e.g. Smallstep): Whatsdoom
✔ What DNS names or IP addresses would you like to add to your new …
more ...

Creating Airgapped keys for Yubikey

DateReadtime 9 minutes Series Part 1 of Getting Started with GPG Tags

Introduction

Before you begin, it would probably be a good idea to have three flash drives and a Yubikey.

  1. Your first USB stick will be a Live USB that will boot the airgapped system.
  2. The second will store the packages that you will need to install on the newly booted …
more ...

Restricting rsync access with SSH

DateReadtime 2 minutes Tags

SSH public keys can be added to ~/.ssh/authorized_keys on a typical system to allow the holder of the private key to access the system. Sometimes however you might want to restrict the access a particular key has.

In my case, I wanted my CI system to be able to …

more ...