Entries by Johann Savalle

SSH configuration tips for basic server security

Don’t run the internet facing SSH on an IP used by a key application. Use a dedicated host acting as a jump box. Use port knocking. Use key pairs. Use fail2ban. Don’t allow root logins. Restrict access to a named group. Don’t use shared logins. Don’t allow direct access below the presentation tier. Have more […]

Simple design is hard

  It’s a complex thing to make things simple. The main reason is you need to make a choice on what is the one or two thing you want to put forth. To make the right choice your idea need to prioritise what matter most to solve the solution at hand in a elegant way. […]

Internet doesn’t mean freedom

Internet is for many the symbol of freedom. So were books. Tools are just that tools. This doesn’t mean we shouldn’t strive for freedom. But realize that self-education is the real freedom. Because the fuel to self-education is the search for truth. Without truth there is no Freedom Just non-obvious choices between various lies.