8 Oct 2021 - Reseting root password with physical access

In unfortunate situations, IT administrators lose root passwords. Fortunately, IT security is usually foiled by physical access to the device. Below is an example of how one could reset the root password to a XCP-ng hypervisor, but these instructions would be generally applicable to most Linux systems.

... 4386 more chars.

25 Sep 2021 - Asymmetric file encryption for secured backups

A resilient IT infrastructure is bound to need some form of periodic backups along with a restoration plan. However, the trove of data is a security risk as it is likely to bundle sensitive information within it. In deployments of services where the service itself is running with more relaxed security policies than the backups (e.g if the periodic backups can be used to reconstruct a much richer history than a snapshot of the service would), then it would not make sense to let this same service also hold a symmetric key for encrypting the backups because compromising the service would also cause all the backups to be compromised. Under such constraints, one solution could be to use a second service to access the first service for periodic backups but this is a bit unwieldy.

... 2647 more chars.

25 Sep 2021 - First post on blog

Ok, time flies. This is my first post on a casual blog-like website since setting up the school class website 20 years ago hosted on GeoCities.

... 391 more chars.