Posts
All the articles I've posted.
-
Why Your TLS Certificate Isn't Trusted
Incomplete cert chains, wrong order, self-signed certs. How to diagnose trust failures with openssl s_client.
4 min read -
jq One-Liners Every Sysadmin Needs
jq is JSON on the command line. Here are 5 one-liners that actually solve real problems: filtering, extracting, transforming, combining, and debugging.
4 min read -
Certificate Expiry: Monitor Before the 3 AM Call
Certs expire silently. Check expiry with openssl, automate renewal checks with cron, get alerts before disaster.
4 min read -
xargs vs while read: Which One and When
xargs and while read both loop over input, but they handle arguments, signals, and performance differently. Here's when to use each.
5 min read -
Where Environment Variables Actually Live in Linux
Navigate /etc/environment, ~/.bashrc, ~/.profile, and systemd Environment=. When to use each.
5 min read -
The Firewall Rule Order That's Breaking Your Setup
Firewall rules are evaluated top-down, first match wins. One misplaced ALLOW rule silently defeats all security.
4 min read -
Sticky Bit, Setuid, Setgid: Linux Special Permissions Explained
Understand sticky bit, setuid, and setgid: what they do, how to set them, security implications, and real-world use cases.
6 min read -
Is fail2ban Actually Working? Here's How to Check
Verify fail2ban is protecting you: check jails, test bans, monitor logs, common misconfiguration, and unban IPs when needed.
6 min read -
Diagnosing Slow Linux Boot with systemd-analyze
Use systemd-analyze to find which services are slowing down boot. Fix the bottlenecks.
5 min read -
Docker CMD vs ENTRYPOINT: The Final Answer
CMD and ENTRYPOINT work together. Learn the difference, exec vs shell form, and when to use the combo pattern.
5 min read -
SSHFS: Ditch SCP & Access Remote Files
SSHFS mounts remote filesystems over SSH so you can browse and edit files locally — faster than scp for interactive work.
15 min read -
How to Actually Read `systemctl status` Output
Decode systemctl status: Active state, CGroup processes, recent logs, loaded/enabled state. What each field tells you.
7 min read
