Tag Archives: security

Okta: G-Suite integration – provisioning and users import and export
0 (0)

25 October 2019

And going forward with Okta setup for our project. Previous posts: Okta: SSO authentication for Gmail and Slack Jenkins: SAML Authentication with Okta SSO and users groups Jenkins: SAML, Okta, users groups, and Role-Based Security plugin Github: SAML, Okta, and Github Enterprise Cloud – Organization SSO configuration The next task is to integrate our Google… Read More »

Loading

Jenkins: SAML Authentication with Okta SSO and users groups
0 (0)

11 October 2019

SAML – Secure Assertion Markup Language is used for federated authentication when some service which we need to get access to (a Service Provider), asks another service (an Identity Provider) to perform a user’s authentification. Check the documentation here>>>. Service Provider (SP): is a system where need to authenticate, in our case this will be Jenkins… Read More »

Loading

Okta: the Custom domain and TLS configuration
0 (0)

4 October 2019

You can use your own domain configured for Okta. The one thing worth to mention here is the fact that Okta’s official plugin doesn’t work with a Custom domain feature so you’ll have to use Okta’s URL for the plugin authentification, see the  documentation for details. Custom domain configuration Go to the Settings > Customization:… Read More »

Loading

PostgreSQL: FATAL: Peer authentication failed for user “name”
0 (0)

11 September 2019

A quick note mainly for myself on how to enable remote access in PostgreSQL and create its database dump. An EC2-server moved to our AWS account with one website. During an attempt to connect to the PostgreSQL running on this host – the “FATAL: Peer authentication failed for user “name”” appears. And the same error… Read More »

Loading

AWS: IAM users keys rotation, EC2 IAM Roles and Jenkins
0 (0)

30 May 2019

Today I checked our IAM-users and “suddenly” recalled that it’s good to update their credentials sometimes: Well, that’s good to do but here is a question: it’s simple enough to set an expire for keys in IAM, but what to do with all scripts which are used in our Jenkins and which are using those… Read More »

Loading

Debian: unattended-upgrades – automatic upgrades installation with email notifications via AWS SES
0 (0)

23 May 2019

A unattended-upgrades package performs automated upgrades installation on Debian/Ubuntu systems. It’s a Python script (1500 lines) located at /usr/bin/unattended-upgrade (and /usr/bin/unattended-upgrades is a symlink to the /usr/bin/unattended-upgrade). CentsOS/RHEL analog – yum-cron. Install it: [simterm] $ sudo apt -y install unattended-upgrades [/simterm] The main config file is /etc/apt/apt.conf.d/50unattended-upgrades where upgrade types, email settings etc can be… Read More »

Loading

Bitwarden: an organization’s password manager self-hosted version installation on an AWS EC2
0 (0)

1 May 2019

We consider Bitwarden as a passwords keeper for our project with the main goal to have an ability to have separated access to secrets by user roles and/or ACLs. I.e. Pass or KeePass are good for self-usage by one person but they have no main things – a normal web-interface and role-based access to data.… Read More »

Loading

Linux: GPG-keys, Pass – passwords manager, and passwords import from the KeePass database
0 (0)

25 April 2019

pass – a password manager for Linux/UNIX. Stores data in tree-based directories/files structure and encrypts files with a GPG-key. In Arch Linux present by default, in Debian can be installed using apt from default repositories: [simterm] $ sudo apt install pass [/simterm] For macOS can be installed with Homebrew: [simterm] $ brew install pass [/simterm]… Read More »

Loading