Tag Archives: security

SSH: RSA keys, and ssh-agent for SSH keys and their passwords management

1 December 2019
 

 During keyring configuration for the Nextcloud client (see the Linux: the Nextcloud client, qtkeychain and the “The name org.freedesktop.secrets was not provided by any .service files” error post) – I decided to clean up the mess in my SSH keys, as I have a lot of them and sometimes authentication became just pain. In general… Read More »

Linux: the Nextcloud client, qtkeychain and the “The name org.freedesktop.secrets was not provided by any .service files” error

1 December 2019
 

 After installing Nextcloud (see the Nextcloud: running in Docker Compose on Debian with Let’s Encrypt SSL post), on the next day its client ton my Arch Linux asked for authentication. But after I entered my credentials, it returned me the following error: Reading from keychain failed with error: ‘The name org.freedesktop.secrets was not provided by… Read More »

What is: SAML – an overview, its structure and requests tracing between a Jenkins and Okta SSO

17 November 2019
 

 During the SAML SSO configuration for our Jenkins, I faced an issue, when some attributes weren’t passed from Okta to the Jenkins instance. So in this post will try to figure out what is SAML in general, will take a short overview of its architecture and main components, and will make some SAML-requests tracing/sniffing to… Read More »

Okta: G-Suite integration – provisioning and users import and export

25 October 2019
 

 And going forward with Okta setup for our project. Previous posts: Okta: SSO authentication for Gmail and Slack Jenkins: SAML Authentication with Okta SSO and users groups Jenkins: SAML, Okta, users groups, and Role-Based Security plugin Github: SAML, Okta, and Github Enterprise Cloud – Organization SSO configuration The next task is to integrate our Google… Read More »

Jenkins: SAML Authentication with Okta SSO and users groups

11 October 2019
 

 SAML – Secure Assertion Markup Language is used for federated authentication when some service which we need to get access to (a Service Provider), asks another service (an Identity Provider) to perform a user’s authentification. Check the documentation here>>>. Service Provider (SP): is a system where need to authenticate, in our case this will be Jenkins… Read More »

Okta: the Custom domain and TLS configuration

4 October 2019
 

 You can use your own domain configured for Okta. The one thing worth to mention here is the fact that Okta’s official plugin doesn’t work with a Custom domain feature so you’ll have to use Okta’s URL for the plugin authentification, see the  documentation for details. Custom domain configuration Go to the Settings > Customization:… Read More »

PostgreSQL: FATAL: Peer authentication failed for user “name”

11 September 2019
 

 A quick note mainly for myself on how to enable remote access in PostgreSQL and create its database dump. An EC2-server moved to our AWS account with one website. During an attempt to connect to the PostgreSQL running on this host – the “FATAL: Peer authentication failed for user “name”” appears. And the same error… Read More »

AWS: IAM users keys rotation, EC2 IAM Roles and Jenkins

30 May 2019
 

 Today I checked our IAM-users and “suddenly” recalled that it’s good to update their credentials sometimes: Well, that’s good to do but here is a question: it’s simple enough to set an expire for keys in IAM, but what to do with all scripts which are used in our Jenkins and which are using those… Read More »