<p class="wp-block-paragraph">Some month ago I found this interesting project on github: <a href="https://github.com/kosty-cloud/kosty" target="_blank" rel="noopener" title="">https://github.com/kosty-cloud/kosty</a></p> <p class="wp-block-paragraph">Kosty is a cost and security audit written in python and using aws cli to check the current status of your service.</p> <p class="wp-block-paragraph">I followed the quickstart guide:</p> <blockquote class="wp-block-quote is-layout-flow wp-block-quote-is-layout-flow"> <p class="wp-block-paragraph">pip3 install kosty</p> <p class="wp-block-paragraph">python3 […]
Category: security
The tale of Jenkins update to Java Jdk21 and Matrix Auth plugin
<p class="wp-block-paragraph">I passed a long day dealing with Jenkins runtime update (from jdk17 to jdk21), and authorisation plugin (Matrix Auth) stopping to work. Here is the tale.</p> <p class="wp-block-paragraph">Involved system:</p> <p class="wp-block-paragraph">Error log messages was related to hudson, and to matrix, and to authorization:</p> <pre class="wp-block-preformatted">Caused: jenkins.util.xstream.CriticalXStreamException: <br>[LF]> —- Debugging information —-<br>[LF]> cause-exception : com.thoughtworks.xstream.mapper.CannotResolveClassException<br>[LF]> […]
How to expose ssh over https
<p class="wp-block-paragraph">By the mean of a reverse proxy installed on a Proxmox machine, is possible to expose also ssh access to the single machine.</p> <h2 class="wp-block-heading">List of ingredients</h2> <h2 class="wp-block-heading">Preparing <em>The Server</em></h2> <p class="wp-block-paragraph">To generate an self signed certificate, use the command:</p> <p class="wp-block-paragraph">In /etc/nginx/nginx.conf add these lines:</p> <h2 class="wp-block-heading">Preparing <em>The Client</em></h2> <p class="wp-block-paragraph">Copying minihost.crt […]
Sicurezza, password salvate e Google
<p class="wp-block-paragraph">youhavebeenpawned! ( https://haveibeenpwned.com/ )</p> <p class="wp-block-paragraph">Google fortunatamente non sta a guardare, ma non può agire per noi.</p> <ul class="wp-block-list"> <li>Fare click sull’avatar (in alto a destra) per gestire l’account</li> </ul> <ul class="wp-block-list"> <li>Dove si atterra: </li> </ul> <ul class="wp-block-list"> <li>Notare un segnale di allarme per problemi di sicurezza (esclamativo rosso):</li> </ul> <ul class="wp-block-list"> <li>Vai […]