Using OpenSSH Certificates for Easier and More Secure Server Access

Introduction to OpenSSH Certificates

I’ve seen many Linux admins struggle with managing SSH keys for their users. OpenSSH certificates are a game-changer here - they offer a more secure and convenient way to manage access to your Linux servers. By using certificates, you can avoid the hassle of managing individual SSH keys for each user and reduce the risk of key compromise.

Generating a Certificate Authority

To get started with OpenSSH certificates, you need to set up a Certificate Authority (CA). The CA will be used to sign and verify the certificates. I usually start with generating a CA key pair using the following command:

[Read More]

Hardening SSH Without Turning Your Server Into a Museum

Introduction to SSH Hardening

Securing your SSH server is one of the most critical tasks as a Linux administrator. I’ve seen this go wrong when systems are left vulnerable to unauthorized access. The recent high-profile vulnerabilities discovered in popular SSH implementations in 2025 serve as a reminder to keep your SSH server up to date and configured securely. In this article, we’ll discuss practical steps to harden your SSH server without making it overly restrictive.

[Read More]

Secure Boot and UEFI Firmware Security

Secure Boot and UEFI Firmware Security

As we continue to navigate the complex landscape of Linux security in 2026, it’s essential to reflect on the advancements made in 2025 and how they’ve impacted our approach to secure boot and UEFI firmware security. In this blog post, we’ll delve into the latest trends, best practices, and potential vulnerabilities to ensure a robust and secure boot process.

Introduction to Secure Boot

Secure boot is a critical component of modern Linux systems, designed to prevent malicious code from executing during the boot process. This is achieved by verifying the authenticity of the boot loader and kernel using digital signatures. In 2025, we saw significant improvements in secure boot mechanisms, including enhanced support for UEFI firmware and better integration with Linux distributions.

[Read More]

Cybersecurity Risks in Containerized Linux Environments

Cybersecurity Risks in Containerized Linux Environments

As we continue to navigate the complex landscape of containerized Linux environments in 2026, it’s essential to reflect on the lessons learned from 2025 and adapt to the evolving cybersecurity threats. In 2025, we saw a significant increase in the adoption of containerization technologies, with many organizations leveraging Docker, Kubernetes, and other container orchestration tools to streamline their application deployment and management processes.

Containerization and Security

Containerization offers numerous benefits, including improved resource utilization, increased efficiency, and enhanced scalability. However, it also introduces new cybersecurity risks that must be addressed. In 2025, we witnessed several high-profile vulnerabilities, including CVE-2022-36104, which highlighted the importance of securing containerized environments.

[Read More]

Linux Distribution Support for TPM 2.0 Modules

Leveraging TPM 2.0 for Enhanced Linux Security

The Trusted Platform Module (TPM) 2.0 has become a cornerstone in modern computing, providing a secure environment for key storage, platform authentication, and cryptographic operations. As a Senior Linux Security Architect, I’ll delve into the support for TPM 2.0 modules in various Linux distributions, exploring the technical implementation, security benefits, and potential vulnerabilities.

Introduction to TPM 2.0

TPM 2.0 is a specification defined by the Trusted Computing Group (TCG), aiming to provide a standardized, vendor-agnostic interface for trusted computing. The module itself is a dedicated hardware component, typically a chip or a firmware-based implementation, responsible for managing cryptographic keys, storing platform measurements, and providing attestation services.

[Read More]

Post-Quantum Cryptography Implementation in the Linux Kernel

Linux Kernel Post-Quantum Cryptography Implementation: A Deep Dive

The recent advancements in quantum computing have sparked a sense of urgency among cryptographers and security professionals. As quantum computers become more powerful, they pose a significant threat to our current asymmetric encryption algorithms, such as RSA and elliptic curve cryptography. To future-proof our systems, we must adopt post-quantum cryptography (PQC) solutions. In this blog post, we’ll delve into the implementation of PQC in the Linux kernel, exploring the technical details and security implications.

[Read More]

Securing SSH with FIDO2 and Physical Security Keys on Fedora

Introduction to Securing SSH with FIDO2 and Physical Security Keys

Securing SSH connections is crucial for preventing unauthorized access to Linux systems. Recently, there has been an increase in attacks targeting SSH, including CVE-2022-42010, which allows attackers to bypass authentication using a malicious SSH server. To mitigate such risks, using FIDO2 and physical security keys can significantly enhance the security of SSH connections. In this blog post, we will explore how to secure SSH with FIDO2 and physical security keys on Fedora.

[Read More]

Penetration Testing Tools

A Comprehensive Overview of Essential Tools for Web App Pentesting

Penetration testing (pentesting) is an essential process for identifying and addressing vulnerabilities within web applications. It involves simulating cyberattacks to assess the security of systems, networks, and applications, ultimately revealing areas of weakness that could be exploited by malicious actors. Web applications, being a major point of interaction for many businesses, are a prime target for cyberattacks. Therefore, ensuring that these applications are robust against common threats is critical.

There are a variety of tools available to pentesters to help automate and streamline the process of identifying vulnerabilities in web applications. These tools range from scanning platforms that automatically detect common flaws like SQL injection or cross-site scripting (XSS), to more advanced options that provide in-depth testing capabilities. This post will explore some of the most widely used pentesting tools for web applications, offering a detailed look at how each tool works, their key features, and how they assist in identifying potential vulnerabilities.

[Read More]

Kali Linux

The Ultimate Linux Distribution for Security Enthusiasts

Kali Linux is a specialized Linux distribution designed for penetration testing, security research, computer forensics, and reverse engineering. Developed and maintained by Offensive Security, Kali Linux has become a go-to platform for ethical hackers and security professionals worldwide. It comes preloaded with a vast array of tools tailored to meet the diverse needs of the cybersecurity domain.

Features and Highlights

Kali Linux stands out from other distributions due to its unique features:

[Read More]

Wireshark

Wireshark is a powerful open-source network protocol analyzer widely used for network troubleshooting, analysis, software development, and education. As one of the most trusted tools in the networking world, Wireshark provides unparalleled visibility into live and recorded network traffic, making it a cornerstone for IT professionals and cybersecurity experts.

Key Features of Wireshark

Deep Packet Inspection

Wireshark captures and inspects packets in real time, offering detailed insights into network traffic. With support for hundreds of protocols, it decodes and displays protocol-specific data in an easy-to-read format.

[Read More]