My name is
Tyler Duzan, or more formally
Mr. Tyler T. Duzan.
My nickname is
tristor.
This site you're on, entitled
Wandering in Wondering, is my personal website as part of the
IndieWeb
If you need to contact me, please encrypt your messages using
my public key.
I am many things, but perhaps most of all I am a life-long learner. I aspire to become a renaissance man, although I see the journey ahead as being long (and a whole lot of fun). My interests are fairly broad, and I tend to pick up new hobbies and interests often, delve deeply into them, and then file them away to make room for the next.
Introduction
Why Bother?
As should be abundantly clear from my prior writings I am about to leave on a trip for a year. During that time I’ll likely be making use of numerous public Wi-Fi access points, not to mention whatever dodgy cellular providers are available in each location I travel to. As part of my overall stance on privacy, its essential I take steps to secure my communication while traveling, the primary of which is using a VPN for basically everything on both my laptop and my phone. To do this, I’m using a droplet from DigitalOcean that’s just $5/mo and doesn’t have to be shared with anyone else (from an IP/network perspective anyway).
Just a quick post to share this with anyone else that needs it. I spent hours using Google and reading posts from random people on the net, including bug comments from Dan Walsh on a never solved Fedora bug specifically related to this. The conclusion I came to was that hardly anyone uses SELinux and the ones that do just hack around the problem rather than solving it.
In this particular case, the fault is really with the terrible implementation of Google Authenticator, which I found out during the course of this by reading through the source code. Long story short, it creates a new file named $HOME/.google_authenticator~ and renames it to $HOME/.google_authenticator. This of course plays havoc with SELinux.
Introduction
My apologies for the delay in posting part 2. I encountered a few chicken-and-egg problems in that I wanted to write this update from my new Macbook but needed complete the remainder of the setup in order to have a comfortable and secure environment to do so from. Without further ado, on to the meat of it.
Organization
I’m breaking this article up into several parts to both assist me in the
process of writing it and to make it easier to digest. I’m taking some
steps out of order, but am making an effort to organize them into the
most logical order possible.
Introduction
That time has come again, and I have acquired a new Macbook Pro. In
this case its primarily in preparation for my trip so that I can edit
photos effectively on the go. It replaces my aged 2011 Macbook Air
(which has served me well). It seems an opportune time then to write up
my process for setting up a Macbook, and with a particular focus on
security.
Organization
I’m breaking this article up into several parts to both assist me in the
process of writing it and to make it easier to digest. I’m taking some
steps out of order, but am making an effort to organize them into the
most logical order possible.
This post was originally a response to a question I received from a
friend via email, with some additions. I’m not going to try to get very
in-depth here, this is more of a high-level overview of what you should
be doing to secure a server running Linux. This is mainly focused on a
business environment where you have multiple users and multiple servers
(and are hopefully using configuration management software).
