Installing and Configuring OpenSSH on Windows Server 2019 June 11, 2019, 12:16 p.m.

Windows Server 2019 and the most recent version of Windows 10 include the ability to install both an SSH client and an SSH server. To get an SSH client onto Windows 10 or Windows Server 2019, without using 3rd party software or installing Windows Subsystem for Linux, use the PowerShell command:

Add-WindowsCapability -Online -Name OpenSSH.Client~~~~0.0.1.0

AWS Systems Manager Automation June 7, 2019, 9:25 a.m.

Systems Manager Automation simplifies common maintenance and deployment tasks of Amazon EC2 instances and other AWS resources. Automation enables you to do the following.

• Build Automation workflows to configure and manage instances and AWS resources.
• Create custom workflows or use pre-defined workflows maintained by AWS.
• Receive notifications about Automation tasks and workflows by using Amazon CloudWatch Events.
• Monitor Automation progress and execution details by using the Amazon EC2 or the AWS Systems Manager console.

PSWindowsUpdate June 7, 2019, 9:24 a.m.

This is a fork of Michal Gajda's PSWindowsUpdate PowerShell module. The original module can be found on the PowerShell Gallery.

Windows Update Agent API June 7, 2019, 9:23 a.m.

The Windows Update Agent (WUA) API is a set of COM interfaces that enable system administrators and programmers to access Windows Update and Windows Server Update Services (WSUS). Scripts and programs can be written to examine which updates are currently available for a computer, and then you can install or uninstall updates.

How to access both subnets (dual NIC) on Ubuntu server from third subnet? May 8, 2019, 10:31 a.m.

If the router is filtering too, ubuntu has to be aware of the gateway's existence for both interfaces and use table and rule settings for a correct routing.

Two Default Gateways on One System May 8, 2019, 10:29 a.m.

Normally, a Linux system only has one routing table, in which only one default gateway can make entries. With iproute2, you have the ability to setup an additional routing table, for one thing, and allow this table to be used by the system based on rules, for another.

Ubiquiti EdgeRouter Lite SOHO Network Design April 20, 2019, 9:06 p.m.

This project describes the Ubiquiti EdgeRouter Lite (and EdgeRouter 4), EdgeSwitch 24 and UniFi Access Point network design for a SOHO (Small Office/Home Office) network.

A Treatise on Group Policy Troubleshooting–now with GPSVC Log Analysis! April 10, 2019, 3:09 p.m.

This guide outlines basic steps used to troubleshoot Group Policy application errors using the Group Policy Service Debug logs (gpsvc.log).

Enable by setting HKLM\Software\Microsoft\Windows NT\CurrentVersion\Diagnostics\GPSvcDebugLevel REG_DWORD to 30002 (hex), and ensure %windir%\debug\usermode exists. The gpsvc.log log will be created in this directory when updating group policy (eg gpupdate /force).

How Healthy is your LAPS Environment? April 6, 2019, 3:41 p.m.

LAPS is easy to deploy and works great. The challenge comes in knowing if it’s actually working. How do you know if your machines have ever set the password? Or maybe they set it once and haven’t updated it since even though it’s past the designated expiration date? It’s definitely worth monitoring to ensure that your machines are operating as expected. Jiri Formacek (the creator of LAPS), threw together a small PowerShell script to provide that capability.

Newbie at bash scripting? Here's some advice. April 5, 2019, 11:43 a.m.

Bash is powerful, it is super permissive, and because of that, it is extremely easy to do something stupid with it. This blogpost is more about good conventions in bash, not it's syntax or how to do basic stuff with it.

How to do things safely in bash April 5, 2019, 11:42 a.m.

Like programming in C or driving a car, contemporary shellscript languages require some knowledge and discipline to use safely, but that's not to say it can't be done. This guide is here to show that in bash, it can be done. Specifically, those systematic bugs that the language encourages can be eliminated by disciplines that are outlined here. Realize that Bash is not a language where the correct way to do something is also the easiest.

The Bash Hackers Wiki April 5, 2019, 11:41 a.m.

This wiki is intended to provide human-readable documentation and information so users aren't forced to read every bit of the Bash manpage - which can be difficult to understand.

Implementing LAPS – My way | Secure Identity April 3, 2019, 3:37 p.m.

Local Administrator Password Solution (LAPS) has been around for a while and last year it became an official supported tool by Microsoft. Since there are so many articles about it, I would like to share my tweaks. I decided to create my own LDF file to extend the schema with this two attributes because I feel that a few things are missing.

Tmux in practice: local and nested remote tmux sessions April 1, 2019, 8:37 a.m.

Some people prefer using tmux on the local machine only on top of their terminal emulator, supercharging it with multiplexing and window management in the first place. People who spent most of their time SSH’ing on remote hosts, make use of persistent session nature and resistance to network disconnects.

The Tao of tmux March 26, 2019, 3:56 p.m.

In this book, we will break down tmux by its objects, from servers down to panes. It also includes a rehash of terminal facilities we use every day to keep us autodidacts up to speed with what is what. I’ve included numerous examples of projects, permissively licensed source code, and workflows designed for efficiency in the world of the terminal.

Security Overview of AWS Lambda March 22, 2019, 4:15 p.m.

This whitepaper presents a deep dive of the AWS Lambda service through a security lens. It provides a well-rounded picture of the service, which can be useful for new adopters, as well as deepening understanding of AWS Lambda for current users.

The Night Watch March 8, 2019, 8:27 a.m.

Pointers are real. They’re what the hardware understands. Somebody has to deal with them. You can’t just place a LISP book on top of an x86 chip and hope that the hardware learns about lambda calculus by osmosis. Denying the existence of pointers is like living in ancient Greece and denying the existence of Krackens and then being confused about why none of your ships ever make it to Morocco

Cynefin Framework March 6, 2019, 11:11 a.m.

Cynefin offers four decision-making contexts or "domains": simple, complicated, complex, chaotic, and a centre of disorder. The domains offer a "sense of place" from which to analyse behaviour and make decisions. The domains on the right, simple/obvious and complicated, are "ordered": cause and effect are known or can be discovered. The domains on the left, complex and chaotic, are "unordered": cause and effect can be deduced only with hindsight or not at all.

So what exactly is the CLIUSR account? Nov. 14, 2018, 12:03 p.m.

This local “user” account is not an administrative account or domain account. This account is automatically created for you on each of the nodes when you create a cluster or on a new node being added to the existing Cluster. This account is completely self-managed by the Cluster Service and handles automatically rotating the password for the account and synchronising all the nodes for you. The CLIUSR password is rotated at the same frequency as the CNO, as defined by your domain policy.

The AD Recycle Bin: Understanding, Implementing, Best Practices, and Troubleshooting Nov. 12, 2018, 11:06 a.m.

Starting in Windows Server 2008 R2, Active Directory now implements a true recycle bin. No longer will you need an authoritative restore to recover deleted users, groups, OU’s, or other objects. Instead, it is now possible to use PowerShell commands to bring back objects with all their attributes, backlinks, group memberships, and metadata.