I use SSH keys to protect all of my SSH logins. The following shell code starts only one ssh-agent and adds all ssh-keys to that agent. I recommend adding it to your ~/.bashrc file, so the proper environment variables are set up.
if [ `ps -C ssh-agent | wc -l` -ne 2 ]; then ssh-agent -a $HOME/.ssh/agent.sock > $HOME/.ssh/agent.env source $HOME/.ssh/agent.env for key in $HOME/.ssh/*.pub; do pkey=`basename -s .pub $key` ssh-add $HOME/.ssh/$pkey done fi
For these last two weeks, I have posted eight days out of ten applicable days. I am running out of ideas that don’t involve politics, and training for my new job has impacted my free time. Most of the problem is finding nonpolitical topics.
Shame on both DELL and AMD for this. It doesn’t improve security and makes ewaste an even bigger problems.
A day or two after I posted my complaint about businesses not training employees, I accept an offer at a company that does train their employees. Yay. I am not sure how it is going to affect my post rate here though.
WordPress and several other pieces of web software written in PHP are notorious for using old and broken algorithms for securing passwords. If you are using a PHP version of 5.5 or newer, you should get okay security by default. However, even phpass’ developers recommend not using their software if you can use PHP 5.5 or newer. I strongly suggest installing and enabling the PHP Native password hash plugin, especially if your WordPress install was ever run on any of the PHP 5 family. The plugin’s two most significant advantages are it actually gets updated to include new, more robust algorithms, and it automatically migrates passwords to the newer algorithms on login.
I have been dealing with the issue of many people wanting one year of experience with tool A, but they won’t train you on the differences between tool A and tool B, which I do have experience on. But I need someone with experience? A person with one year of experience in a tool isn’t an expert on the tool. They are a moderately experienced beginner. Also, since Tool A and Tool B do the same job, the differences in how those tools work is maybe a week or two of adjustment, not a whole year of adjustment.
I moved this site to TLS 1.3 a few weeks ago. So far, it has been working great if I use a web browser. Unfortunately, no one has updated Curl to work with TLS 1.3. The second issue is that Curl is the HTTP client library du jour for C or languages that use C’s Foreign Function Interface. Unfortunately, TLS 1.3 only breaks nearly all applications that use a web callback or WordPress’ APIs.
To add TLS 1.2 back as an option
#Add below the SSLCipherSuite for TLSv1.3 SSLCipherSuite ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384 #Add +TLSv1.2 to the end of the SSLProtocol line SSLProtocol -all +TLSv1.3 +TLSv1.2
I am going to move the post schedule from daily to Monday through Friday.