Do you ever just update everything? There’s a few times you might need to do this. For example, some nasty vulnerability comes along and ruins your week. Or maybe you just want to be super up to date because you have a strange compulsion to have the latest and greatest of everything. Ether way, here’s my solution: Use Ansible inventories to update all your servers I wrote this playbook as a simple way to ‘freshen up’ my homelab after months of neglect.

With the move from sysvinit to systemd, there were lots of small but important changes to the Linux ecosystem. One of them was the move from traditional syslog daemons to Systemd Journald. Now I’m not going to say this is a good or bad thing, as it entirely depends on your old habits and new optimism. What it does mean is a move to a faster and more flexible system log format but at the cost of some added complexity.

Hot take: Stop putting your ssh keys on GitHub!!! For that matter, stop putting your keys in any kind of repository. Seriously, your private keys are private for a reason. Okay, let’s back up a little here. This morning some articles made their rounds about Cisco distributing network device firmware with keys and certs embedded in them. Now that happens all the time (ugh) but in this particular case, they were the keys of presumably a Huawei employee.

I have, for a long time, been fascinated and terrified by “Virtual SAN” solutions. The idea of combining storage and compute seems on the surface very attractive. It allows us to scale out our storage and compute together or separately in relatively small and affordable units, helping avoid the sticker shock of the upfront cost of storage systems. And as somebody especially prone to capex-phobia, that really is a great solution.

Editor’s note (2021-01): This particular hacking method no longer works after 2019-11 windows update. I had this article on ice for a very long time and feel confident that it won’t be abused at this time. Preface I feel like I shouldn’t have to say this, but please use your powers for good and not evil. The methods I’ll reveal here have quite impressive post-exploit abilities for lateral movement. If you’re thinking about getting arrested for something dumb, please don’t bring up my website at your trial.