Self-signed certificates on Ubuntu, done right
Mint a self-signed TLS cert Chrome actually accepts on Ubuntu 24.04: one openssl command with SAN, nginx/Apache wiring, and trusting it without curl -k.
Locking down a server you can reach from anywhere: SSH keys, firewall rules, and which ports have any business being open.
Filtering by topic #security · clear
Mint a self-signed TLS cert Chrome actually accepts on Ubuntu 24.04: one openssl command with SAN, nginx/Apache wiring, and trusting it without curl -k.
Self-host a Bitwarden-compatible password manager with Vaultwarden and Docker on a VPS: HTTPS-first, admin token, Fail2ban, tested backups.
Install Webmin on Ubuntu 24.04, then lock it down: SSH tunnel or IP allowlist, a real Let's Encrypt cert, two-factor, and Fail2ban on port 10000.
Install and configure Fail2ban on Ubuntu 24.04 to ban brute-force SSH attackers at the firewall: verify the stock jail, tune bans, recover from lockout.
Run Claude Code on an always-on Linux VPS inside tmux so agent sessions survive a dropped SSH connection. Install, harden, and the failure modes to expect.