SSH keys grant users access to critical systems such as cloud and on-premise servers and network devices. Typically, these are systems that should only be accessed by authorized users, and no one else. Proper management of these keys is therefore essential to ensure that the SSH keys are in the right hands and used in accordance with the best security practices.

This page is a step by step installation and configuration guide to get an TheHive 4 instance up and running. This guide is illustrated with examples for Debian packages based systems and for installation from binary packages.

X-Pack is an Elastic Stack extension that provides security, alerting, monitoring, reporting, machine learning, and many other capabilities. By default, when you install Elasticsearch, X-Pack is installed.

The growing popularity of Elasticsearch has made both Elasticsearch and Kibana targets for hackers and ransomware, so it is important never to leave your Elasticsearch cluster unprotected.

From Elasticsearch Version 6.8 and onwards, X Pack Basic License (free) includes security in the standard Elasticsearch version, while prior to that it was a paid for feature.

This article is a short followup to my last article about cosign. I received many questions for my last article. The most common one was:

“But wait! If the certificates are only valid for 30 minutes, how are my users supposed to validate my artifacts?”

This is very common misconception and to be honest: I ran into the same trap at first. The terms “ephemeral” or “short-lived” do not refer to the signature validation. Instead, these terms refer to the certificate generation itself. The goal of short-lived certificates is to elimate the possible risks of private key leaks. Just imagine, we have a traditional long-lived certificate and a private key stored on one of our servers. If one attacker manages to steal this certificate and private key, maybe even years after the signature creation, the attacker will be able to craft a valid signature for their own malware with this certificate and key. With a short-lived certificate this would not be possible, because even if the attacker has access to both (private key and certificate) the attacker will not be able to craft a valid signature for the artifact, because the certificate has expired. The users are still able to validate the originally signed artifact, because the signature of this artifact has been created in the valid time frame of the certificate.

Hello friends. Knowing the Linux terminal and its commands is a basic task of any sysadmin or DevOps. Therefore it is always good from time to time to know new commands and their utilities. This will allow us to have new functions that can solve a problem at any time. So, in this post, you will learn about the ncat command.

VirtualBox makes it simple to create virtual machines. When you create a virtual machine in VirtualBox or VMware, you must specify the size of the storage that will be used to install the operating system. I frequently allot a disc size that I later need to increase. In this article, we’ll learn to increase the Disk storage size of any Virtual machine in VirtualBox and VMware.

You can tune almost any setting, but this post concentrates on the few settings for which tuning benefits the most users. There are settings that we recommend you change only if you have a deep understanding of NGINX and Linux. So, you will know How get the best performance from the Nginx Server

HI Guys !, In this post we basically see the NGINX tuning using it’s configuration file which is situated at /etc/nginx/nginx.conf

NGINX is well known as a high‑performance load balancer, cache, and web server, powering over 40% of the busiest websites in the world. For most use cases, default NGINX and Linux settings work well, but achieving optimal performance sometimes requires a bit of tuning. This blog post discusses some of the NGINX and Linux settings to consider when tuning a system.

AlmaLinux 8.5 is finally here and is codenamed Arctic Sphynx. The new version of the incoming AlmaLinux 8.5 is filled with many improvements such as Nginx 1.20, Node.js 16, Ruby 3.0, PHP 7.4.19, and many more new module streams and enhancements. Also included are an enhanced Cockpit web console and support for the recently released OpenJDK 17.

Currently, this is in beta status and should not be installed or upgraded on production servers/systems or critical working environments. However, if you are game enough to try the new release, it is worth checking out.

In the following tutorial, you will get a step-by-step walkthrough of how to upgrade an existing AlmaLinux 8.0 system to 8.5.