Security

Here I will keep security related posts. Anything related to authentication, authorization, encryption or the likes.

Hosting a successful GPG Keysigning Party

Tue, 11/22/2022 - 23:00

A GPG Keysigning party is an event where people verify each other's identity and sign their GPG keys. Doing so increases the effectiveness of the "Web of trust" and the total trust each key has.

BGP Hijacking - What is it and how to prevent it?

Wed, 09/30/2020 - 17:04

BGP stands for Border Gateway Protocol, more commonly known as the system that keeps the internet (and by definition, routing) working correctly. Sometimes misconfigurations (Like accidentally announcing a wrong prefix) can break the internet. In this blog post, I will explain BGP Hijacking and how to prevent it. Primarily for people without network experience.

SSH Authentication via LDAP

Fri, 05/01/2020 - 23:12

So you got an OpenLDAP server running? Great! Now you want to connect it to as many systems as possible to ease the burden of managing users and authorization. However, you also want to allow SSH key authorisation managed via a central place. Can LDAP be used for this? This article will help you get started to set this up in your organisation.