We have news 👀 Smallstep has officially adopted the Go SCEP protocol library from our friends at MicroMDM, for innovative certificate issuance & enhancing security with ACME and Device Attestation. This transition means the library will continue to be maintained for all who rely on it 🙌 ⭐ You can find the new repo here: https://hubs.ly/Q02H9yg10 Since taking on the library, we have made some notable updates: ✅ Switched to using smallstep/pkcs7, which is a fork of the archived https://hubs.ly/Q02H9yzz0 package, meaning that the core cryptographic primitives are now being maintained again. ✅ Adhere to Go standard library crypto interfaces where possible, for better interoperability with other code ✅ Introduced more consistent error messages ✅ Removed unnecessary third party dependencies ✅ Improved CI flows, with additional Go linters, and automated dependency updates using Dependabot Check out the official announcement from MicroMDM here: https://hubs.ly/Q02H9HmZ0
Smallstep’s Post
More Relevant Posts
-
Ip-anchor Small and super simple library Ip-anchor is my first published library 📚which is small and super simple and easy to use Its a tool designed for developers to easily configure their local development environment with custom domain names and IP addresses. It automates the process of setting up local domains and SSL certificates, streamlining the development workflow. There could be bugs 🐞 https://lnkd.in/dFdShYgm
ip-anchor
npmjs.com
To view or add a comment, sign in
-
Scanning local networks sometimes can be challenging if you do not have enough permissions to install tools etc. I wrote two seperated but same goaled scripts for scanning specified IPv4 Blocks with using Gemini Advanced. You can even get the results with a "output.txt" which includes IP's MAC's and Vendors (if found). You can read more from my repo https://lnkd.in/dNfiEJ8b
GitHub - megalodoNNNNN/IPSCANNER: There will be the best scripts out here.
github.com
To view or add a comment, sign in
-
Did you know that securing your server's remote management interface can be as crucial as locking your front door? 🚪🔐 Imagine leaving it wide open, with a neon welcome sign for cyber intruders. Scary, right? That's where Let's Encrypt and iDRAC come into play, forming an unexpected yet powerful alliance in the cybersecurity realm. For those not in the loop, Let's Encrypt is a free, automated, and open Certificate Authority that's been a game-changer for website encryption. On the flip side, iDRAC (Integrated Dell Remote Access Controller) is the heart of remote server management, allowing admins to fully control their servers without physically being there. Now, you might wonder, "How do these two connect?" 🤔 Here's the scoop: By leveraging Let's Encrypt with your iDRAC, you can ensure that your remote server management is not just efficient but also wrapped in a robust layer of security. It's like having a digital bouncer for your server, keeping the bad guys out while letting the good guys in with ease. But why does this matter to you? In a world where cyber threats are evolving faster than ever, ensuring every access point is secured is non-negotiable. And let's be honest, the peace of mind knowing your server's backdoor isn't just locked but bolted is priceless. So, here's my question to you: Have you considered the security of your remote server management lately? Or better yet, have you implemented a solution like lateralblast/lolcat to automate Let's Encrypt with your iDRAC? Share your thoughts or experiences in the comments below. I'm all ears! 🎧 And if you found this insight helpful, why not give it a like or even better, repost it? Let's spread the word on securing our digital doorsteps.
FWIW some initial code for generating iDRAC certs with letsencrypt, will fill out doco when I get a chance: https://lnkd.in/g6kgd7mG
GitHub - lateralblast/lolcat: LOM/OOB Letsencrypt Certificate Automation Tool
github.com
To view or add a comment, sign in
-
🎉 Exciting News! 🎉 Our project open source atm0s media server software just got better! We're thrilled to announce the release of our first update after launched which includes several new features, bug fixes, and other updates. Here's what's new: New Features 🌟 - Global Gateway: Now available for all users. - SIP Transport and Hooks: Enhanced functionality for better integration. - HTTPS Self-Signed Cert Support: For testing with remote servers. - Node Info Endpoint: Provides detailed information about nodes. - Connector External Event Log - Protobuf: Enhanced logging capabilities. - Secure Static Key JWT: Enhanced security measures. - Audio Mix-Minus: Allows subscribing to multiple sources. - Refactored Media Server: Improved performance and stability. Bug Fixes 🐛 - Updated Rust Crate atm0s-sdn to 0.1.8. - Patched SDP with Client ICES. - Fixed Dashboard Issue in Gateway. - Corrected Typos causing Publish Error. Other Updates 🔧 - Renamed Token Terms for Clarity. - Restructured Cargo Workspace Deps for Better Management. - Introduced Feature Connector Server. We're committed to making our software the best it can be, and we appreciate your continued support. We look forward to hearing your feedback and suggestions for future updates. Stay tuned for more exciting news! #OpenSource #SoftwareUpdate #Streaming
GitHub - 8xFF/atm0s-media-server: Decentralized, Global-Scale Media Server written in Rust (WebRTC/Whip/Whep/Rtmp/Sip)
github.com
To view or add a comment, sign in
-
In this video, I will show you how to set up Policy Based Routing with #pfSense based on client IP. I am using #pfSense 2.7.2 to do this, but the same idea applies to other versions of #pfSense: https://lnkd.in/eW_nZQRp
Set up Policy Based Routing with pfSense based on client IP | Vikash.nl
https://www.vikash.nl
To view or add a comment, sign in
-
TFSCCHAIN ECOSYSTEM NODE UPDATE 💥✨💥 The new version of the program v0.34.0 is now available on the website! Update of v0.34.0. ✅ Adjust the VRF selection logic in contract transaction to solve the problem of contract transaction failure in complex network environment. ✅ Solve some bugs of contract transaction. ✅ Adjust the network heartbeat mechanism to solve the problem of invalid node connection. ✅ Adjust the default ports and repellent nodes. ✅ Fix other problems. Update Notes 1️⃣ Newly use port 20619, need to set up firewall rules in advance. 2️⃣ Delete the config.json file, use the -c parameter to regenerate a new config.json configuration file, and fill in the ip field with the external IP address of this node. 3️⃣ Restart the program. Download here👉🏻https://lnkd.in/gkGjgzmA 🎁 Attention here please: To encourage us to update the latest version as soon as possible. We prepared some rewards for you all. Due to the new version is mainly for the text issue, from this announcement to 24 hour later (⏰ Till Dec 29th 11:30 UTC), top 300 nodes who have v0.34.0 ready and finish staking and delegating will get 10TTOS rewards. We will share the list in 24h. Let's do it now Please update the latest version as soon as possible to get your reward✨
To view or add a comment, sign in
-
Learned about Access Tokens and Refresh Token, so why not write a blog about it? Check out this short and sweet blog on OAuth 2.0 tokens and improve your authorization knowledge. Great video by Hitesh Choudhary Sir as always.
Token-Based Authentication
varchasvh.hashnode.dev
To view or add a comment, sign in
-
𝗫𝗔𝗘𝗦-𝟮𝟱𝟲-𝗚𝗖𝗠 - Here comes a new hybrid cryptosystem 👌 𝗫𝗔𝗘𝗦-𝟮𝟱𝟲-𝗚𝗖𝗠 is an authenticated encryption with additional data (AEAD) algorithm with 256-bit keys and 192-bit nonces. The algorithm was designed with the following goals : ✅ supporting a nonce large enough to be safe to generate randomly for a virtually unlimited number of messages (2⁸⁰ messages with collision risk 2⁻³²); ✅ full, straightforward FIPS 140 compliance; and trivial implementation on top of common cryptographic libraries. The large nonce enables safer and more friendly APIs that automatically read a fresh nonce from the operating system’s CSPRNG for every message, without burdening the user with any birthday bound calculations. Compliance and compatibility make it available anywhere an AEAD might be needed, including in settings where alternative large-nonce AEADs are not an option. Like XChaCha20Poly1305, XAES-256-GCM is an extended-nonce construction on top of AES-256-GCM. That is, it uses the key and the large nonce to compute a derived key for the underlying AEAD. https://lnkd.in/dFaud9WF https://lnkd.in/g3CTne82
C2SP/XAES-256-GCM.md at main · C2SP/C2SP
github.com
To view or add a comment, sign in
-
Day10 we unravel the wizardry of ConfigMaps and the secure vault of Secrets! 🧙♂️✨ Let's delve deep into these Kubernetes resources and unlock their potential for streamlined configuration management and safeguarding sensitive data. ConfigMaps: Unleashing Configuration Magic 🧙♂️ What is a ConfigMap? Decouples config from apps in key-value pairs. Why ConfigMaps? Separation of concerns, dynamic config updates. How to Use ConfigMaps? Pod and app config, immutability, use cases. Secrets: Safeguarding Sensitive Data 🤐 What are Secrets? Securely stores sensitive info like passwords and tokens. Why Secrets? Security, access control, encryption. How to Use Secrets? Pod integration, Kubernetes API access, encryption, use cases. Best Practices: RBAC for access control. Encryption in transit. Rotation policies for enhanced security. Challenges: Key rotation, secrets management tools. Remember: Use ConfigMaps for non-sensitive data, Secrets for sensitive info. Regularly review and update for security. Master ConfigMaps and Secrets for effective Kubernetes configuration and data protection. Dive in, secure your data, and configure with confidence! 🌐🔒
To view or add a comment, sign in
-
Authentication while calling API's: Did you know this ? Httparty provides a basic_auth for Basic Authentication. Httparty provides us a way for basic authentication credentials for http request using basic_auth. Let's say while making a request to an API, it needs to authentiate username and password on every request,HTTP Basic Authentication involves sending a username and password with each request. If the server needs an authentication , the previously set authentication credentials will be included in the request headers. PS: avoid writing the auth credentisla directly in the code use ENV or more secure approach.
To view or add a comment, sign in
960 followers