Webentwicklung und sonstiger Unsinn :) Web development and other nonsense :)
Webentwicklungg, Programmieren, Software, Server… irgendwie alles was in den Bereich Computer und Entwicklung fällt
Anything regarding web-development
Problem description: You would like to jail users to their home directories and not allow shell access, only sftp access. Solution: SFTP chroot jail 1. Create a system group. Here I call it sftponly.
|
1 |
groupadd -r sftponly |
2. edit the sshd_config file, usually residing in /etc/ssh/sshd_config (in weird opensuse it’s in /usr/etc/sshd/ ) and append (it needs…
Read ArticleActual security, as in identity, is still a 3rd party thing, aka you still need a OIDC IDP (or oauth2 in the broadest sense or similar). All NATS security does is validate that the credentials you pass the a client are valid and enforce limits, if configured. The microservice API was necessary, since simple request/reply…
Read ArticleIf you’re like me and trying to use NATS Jetstream with JWT auth and Keycloak… Well right now you’re SOL, because Keycloak so far only supports RSA, HMAC and AES, and NATS requires ED25519 signatures. But a certain individual named tnorimat aka Takashi Norimatsu is apparently working on ED25519 support. EdDSA Keycloak Issue on Github…
Read ArticleIf you’re getting this error message “upstream sent too big header while reading response header from upstream” in the nginx error log and are using fcgi, in my case I was running a PHP script via PHP FPM 8.2 and received a 502 response from nginx. I fixed the issue.
Read ArticleFor my main site I had to take screenshots of my webpages. I used puppetteer.
Read Article