Where I work we have these smart cards (CACs) with x509 certs, protected by a PIN. There was some directive years ago to use these certs to login to all systems, but also the OpenSSH people said they would never support x509 for security reasons (x509 being too complex to be secure).
I love open source. I love ElasticSearch, I love the AWS cloud, and I love not getting compromised. Today, I'm putting a solution in production that I just have to tell someone about or I'm going to explode. If you love any of these things too, then read on my friend, because I've created something that can make your life easier.
So yeah privacy is dying in ways I never imagined. Your ISPs are harvesting data on you and selling that data without your education or consent. They're monitoring all the devices you connect to your home network and aggregating who knows what kind of data about what you do on them, who manufactured them, etc. Honestly it's creepy that my ISP is spying inside my front door, and I'm taking measures to protect myself.
# $OpenBSD: relayd.conf,v 1.4 2018/03/23 09:55:06 claudio Exp $
An API generally doesn't want to restrict a request's origin. However, some things don't work well with
Access-Control-Allow-Origin: *. So, the way around that is to just mirror back the Origin that a client sends. This apache config sets
Access-Control-Allow-* headers when it receives an
Origin header from a client, and mirrors the requested Origin back in the
ec2: error: unrecognized arguments
This is almost certainly caused by placing the EC2 dynamic inventory script in you project's ./library directory. What's happening is that the dynamic inventory python script has the same name as the default EC2 module. Therefore, it overloads the default module at runtime. Put your dynamic inventory scripts in the root directory of your project to avoid this problem.
Last week, the Republican Party of the United States exposed the personal voting information of 220 million registered voters on S3. Granting wide open permissions in S3 is a common occurrence in public cloud, and as an administrator I can attest to the fact that if you're not looking for it, you're almost certainly exposed in one area or another of your organization, and exploits are straightforward and well-known.
I couldn't sleep tonight so I took a challenge with Python to create some fractals in Turtle. I had fun coming up with the solution so I thought I'd blog about it here. Thank you, Dr. Ian Parberry, for your algorithms analysis class all those years ago. I use the techniques you taught me every day!
Here is the lab I worked on: Python Fractal Labs
I solved this problem in three steps.
Ansible Tower has two critical components that control its Python dependency path:
- The "awx" user
- The /var/lib/awx/venv/ansible/bin/activate virtual environment
If you're going to successfully run complex pip deployments, you must deploy into this virtual environment as this user.