Doubling up on 2FA

Doubling up on 2FA

I haven’t used passwords to log in to my server for years; I’ve been using key-based authentication. This works pretty well, and I can even use 1Password’s integration as an SSH agent to hold the keys so that wherever I

Rebuilding Cricalix.Net – Part 3

Rebuilding Cricalix.Net – Part 3

Stumbling blocks and annoyances NGINX and certbot’s default permissions EFF’s certbot writes certificates to /etc/letsencrypt/live/<certificate hostname>/<files>.pem, and sets the permissions to only allow root to read the files. This makes sense from the perspective of a system where processes that