The next task is to add a new user who will have access to check pods state and watch logs – any other operations must be prohibited. AWS EKS uses AWS IAM for authentification in a Kubernetes cluster (check the Kubernetes: part 4 – AWS EKS authentification, aws-iam-authenticator and AWS IAM post for details), bot… Read More »
Currently, I’m using KeePass as passwords, RSA-keys, and as the Freedesktop SecretService, see the KeePass: an MFA TOTP codes, a browser’s passwords, SSH keys passwords storage configuration and Secret Service integration post. The first issue I faced with during such a setup is the fact that KeePass’ database is synced between my computers (it’s database… Read More »
When using an MFA for an email account you can face an issue when the same mail account may be used by multiple team members and each of them needs to have the MFA configured. for example, we have a mailbox company-admin@google.com and I’d like to set up an MFA protection on it with Google… Read More »
As a follow-up to the SSH: RSA keys, and ssh-agent for SSH keys and their passwords management post. The idea now is to make simpler to work with password-protected SSH keys, to avoid the necessity to enter a password each time when you want to load a key to the ssh-agent. One of the possible… Read More »
So, this seems to be the last one post in the whole series about passwords and SSH management in Linux. The previous parts were about: Linux: the Nextcloud client, qtkeychain and the “The name org.freedesktop.secrets was not provided by any .service files” error – I found that a keyring service is able to store SSH… Read More »
One of the motives to go deeper into the keyrings (see the What is: Linux keyring, gnome-keyring, Secret Service, and D-Bus post) was the fact that Chromium, surprise-surprise, keep passwords unencrypted if a Linux system has no keyring and/or Secret Service enabled. So, let’s try to find how and where Chromium store passwords, and the… Read More »
It’s a really long-read post and I wast sure if it’s better to split it into three parts or put them together. On the one side, there are keyrings, from another – D-Bus, and finally, there is a Secret Service. Eventually, I decided to keep them here together as I googled all it in the… Read More »
During keyring configuration for the Nextcloud client (see the Linux: the Nextcloud client, qtkeychain and the “The name org.freedesktop.secrets was not provided by any .service files” error post) – I decided to clean up the mess in my SSH keys, as I have a lot of them and sometimes authentication became just pain. In general… Read More »
After installing Nextcloud (see the Nextcloud: running in Docker Compose on Debian with Let’s Encrypt SSL post), on the next day its client ton my Arch Linux asked for authentication. But after I entered my credentials, it returned me the following error: Reading from keychain failed with error: ‘The name org.freedesktop.secrets was not provided by… Read More »
During the SAML SSO configuration for our Jenkins, I faced an issue, when some attributes weren’t passed from Okta to the Jenkins instance. So in this post will try to figure out what is SAML in general, will take a short overview of its architecture and main components, and will make some SAML-requests tracing/sniffing to… Read More »