Posts by parkr@fosstodon.org
 (DIR) Post #472047 by parkr@fosstodon.org
       2018-10-09T20:25:56Z
       
       0 likes, 1 repeats
       
       https://www.romanzolotarev.com/ssg.html by @romanzolotarev
       
 (DIR) Post #AQdpN6nl7V0LELuhgO by parkr@fosstodon.org
       2022-12-15T20:06:43Z
       
       0 likes, 0 repeats
       
       @misty 😞
       
 (DIR) Post #ASiMmci3RsfEcxJCd6 by parkr@fosstodon.org
       2023-02-15T20:24:06Z
       
       0 likes, 0 repeats
       
       @misty I got into the second one! Is there a way I can give you my spot? Not sure if TestFlight has that ability.
       
 (DIR) Post #ASiSkWDXDPETdbPf60 by parkr@fosstodon.org
       2023-02-15T21:30:58Z
       
       0 likes, 0 repeats
       
       @misty Glad you got back in!!
       
 (DIR) Post #AUHclLnNHvVUAQWabQ by parkr@fosstodon.org
       2023-04-01T19:32:18Z
       
       0 likes, 0 repeats
       
       I want to 2FA my ssh servers (pi armhf & Linux amd64). Any recommendations on how to get started? 2FA would ideally be ssh key + Yubikey, Mac TouchID, or iPhone FaceID.
       
 (DIR) Post #AUHclMaeKivEdFZwPI by parkr@fosstodon.org
       2023-04-03T14:19:10Z
       
       0 likes, 0 repeats
       
       I was able to setup a Yubikey SSH key (thanks @omenos!) but decided against deploying it. Instead, I have:- macOS with Secretive, which stores my SSH key in the Secure Enclave and requires Touch ID or confirmation from my watch to use- iOS with Termius’s Biometric Key, which stores a different SSH key in its Secure Enclave and requires Touch ID to use. My iOS device uses an alphanumeric passcode to make it harder to override by shoulder surfing.
       
 (DIR) Post #AUHclNHtjvW6nNoTom by parkr@fosstodon.org
       2023-04-03T14:22:15Z
       
       0 likes, 0 repeats
       
       The Yubikey SSH setup had many options. I had chosen non-discoverable keys with FIDO2, but the UX for me was too poor for me since my Yubikey isn’t always in-hand.The Secure Enclave isn’t really a second factor since it can’t be separated from each device, but it is at least harder to exfiltrate and/or use without owning the entire machine. A random program I’m running from the internet can’t just grab my keys and run as they could before.
       
 (DIR) Post #AYItYaMiXCC0jzpwES by parkr@fosstodon.org
       2023-08-02T00:39:26Z
       
       0 likes, 0 repeats
       
       @simon If you set the target-branch, they can be created against a non-deploying branch. Once they run CI on their own branch, you can merge them all into the target-branch. After doing so, you have a unified target-branch that you can merge into your deploying branch which kicks off your CD pipeline.https://docs.github.com/en/code-security/dependabot/dependabot-version-updates/configuration-options-for-the-dependabot.yml-file#target-branch
       
 (DIR) Post #AaDMsRWvf0oKyPBUqu by parkr@fosstodon.org
       2023-09-28T04:21:54Z
       
       0 likes, 0 repeats
       
       @simon thanks for the recommendation! Martin Short in OMitB is fantastic (especially season 3!) and the Doctor is always a joy.
       
 (DIR) Post #AaGhRcqQAP2wl0EdoO by parkr@fosstodon.org
       2023-09-29T18:58:29Z
       
       0 likes, 0 repeats
       
       @simon @collin @joeldrapper I wish every podcast did this!!! Timestamps / chapter markers are the absolute best.
       
 (DIR) Post #AcXuH07RsaBMEqdKgy by parkr@fosstodon.org
       2023-12-06T21:55:42Z
       
       0 likes, 0 repeats
       
       @simon meant to block brand new phishing domains or something? Seems like a pretty blunt instrument…