HackerTrans
TopNewTrendsCommentsPastAskShowJobs

doorsopen

no profile record

comments

doorsopen
·в прошлом году·discuss
Port knocking is so 2014. Single Packet auth for publicly exposed hidden services is great: https://github.com/mrash/fwknop
doorsopen
·в прошлом году·discuss
As someone who works with SREs every day, this breaks my heart.

1 - Don't be on-call while going to ski

2 - fail2ban and other automated systems can do this for you

3 - Passwords suck and are typically not regularly rotated unless you're using some centralized IdP

If you're in this situation you have already failed. If you use password auth use 2FA as well, and then I don't cry, it's just toil though.