When using an MFA for an email account you can face an issue when the same mail account may be used by multiple team members and each of them needs to have the MFA configured. for example, we have a mailbox company-admin@google.com and I’d like to set up an MFA protection on it with Google… Read More »
As a follow-up to the SSH: RSA keys, and ssh-agent for SSH keys and their passwords management post. The idea now is to make simpler to work with password-protected SSH keys, to avoid the necessity to enter a password each time when you want to load a key to the ssh-agent. One of the possible… Read More »
So, this seems to be the last one post in the whole series about passwords and SSH management in Linux. The previous parts were about: Linux: the Nextcloud client, qtkeychain and the “The name org.freedesktop.secrets was not provided by any .service files” error – I found that a keyring service is able to store SSH… Read More »
One of the motives to go deeper into the keyrings (see the What is: Linux keyring, gnome-keyring, Secret Service, and D-Bus post) was the fact that Chromium, surprise-surprise, keep passwords unencrypted if a Linux system has no keyring and/or Secret Service enabled. So, let’s try to find how and where Chromium store passwords, and the… Read More »
It’s a really long-read post and I wast sure if it’s better to split it into three parts or put them together. On the one side, there are keyrings, from another – D-Bus, and finally, there is a Secret Service. Eventually, I decided to keep them here together as I googled all it in the… Read More »
During keyring configuration for the Nextcloud client (see the Linux: the Nextcloud client, qtkeychain and the “The name org.freedesktop.secrets was not provided by any .service files” error post) – I decided to clean up the mess in my SSH keys, as I have a lot of them and sometimes authentication became just pain. In general… Read More »
After installing Nextcloud (see the Nextcloud: running in Docker Compose on Debian with Let’s Encrypt SSL post), on the next day its client ton my Arch Linux asked for authentication. But after I entered my credentials, it returned me the following error: Reading from keychain failed with error: ‘The name org.freedesktop.secrets was not provided by… Read More »
During the SAML SSO configuration for our Jenkins, I faced an issue, when some attributes weren’t passed from Okta to the Jenkins instance. So in this post will try to figure out what is SAML in general, will take a short overview of its architecture and main components, and will make some SAML-requests tracing/sniffing to… Read More »
And going forward with Okta setup for our project. Previous posts: Okta: SSO authentication for Gmail and Slack Jenkins: SAML Authentication with Okta SSO and users groups Jenkins: SAML, Okta, users groups, and Role-Based Security plugin Github: SAML, Okta, and Github Enterprise Cloud – Organization SSO configuration The next task is to integrate our Google… Read More »
Still on the subject of the Okta and SSO for Jenkins – let’s configure a Role-Based Security plugin for our Jenkins. See the first part in the Jenkins: SAML Authentication with Okta SSO and users groups post. The general idea is to have user groups defined in the Okta, and Okta has to pass a… Read More »