Skip to main content
  1. Tags/



1Password quick access in Sway

··238 words·2 mins
1Password has a handy quick access launcher and you can bring it on screen for fast access to passwords and two factor codes in Sway. 🔐

Migrating to AWS CloudFront

··2326 words·11 mins
New experiences bring joy! After working with fun AWS CloudFront hacks at work this week, I decided to migrate this blog to AWS S3 and CloudFront. ⛅


Use GNOME Keyring with Sway

··1060 words·5 mins
Add encrypted ssh keys to your workflow more efficiently with gnome-keyring in the sway window manager.


Secure Tailscale networks with firewalld

··645 words·4 mins
Tailscale provides a handy private network mesh across multiple devices but it needs security just like any other network. 🕵

Forwarding ports with firewalld

··726 words·4 mins
Learn how to forward ports with firewalld for IPv4 and IPv6 destinations. 🕵🏻


Running Ansible in OpenShift with arbitrary UIDs

··590 words·3 mins
My work at Red Hat involves testing lots and lots of kernels from various sources and we use GitLab CE to manage many of our repositories and run our CI jobs.



Old role, new name: ansible-hardening

··164 words·1 min
The interest in the openstack-ansible-security role has taken off faster than I expected, and one piece of constant feedback I received was around the name of the role.

RHEL 7 STIG v1 updates for openstack-ansible-security

··204 words·1 min
DISA’s final release of the Red Hat Enterprise Linux (RHEL) 7 Security Technical Implementation Guide (STIG) came out a few weeks ago and it has plenty of improvements and changes.

Display auditd messages with journalctl

··525 words·3 mins
All systems running systemd come with a powerful tool for reviewing the system journal: journalctl.


Enable IPv6 privacy in NetworkManager

··480 words·3 mins
On most IPv6-enabled networks, network addresses are distributed via stateless address autoconfiguration (SLAAC).


Talking to college students about information security

··1430 words·7 mins
I was recently asked to talk to Computer Information Systems students at the University of the Incarnate Word here in San Antonio about information security in the business world.

What I learned while securing Ubuntu

··1308 words·7 mins
The blog posts have slowed down a bit lately because I’ve been heads down on a security project at work.

Improving LXC template security

··312 words·2 mins
I’ve been getting involved with the Fedora Security Team lately and we’re working as a group to crush security bugs that affect Fedora, CentOS (via EPEL) and Red Hat Enterprise Linux (via EPEL).

Time for a new GPG key

··254 words·2 mins
After an unfortunate death of my Yubikey NEO and a huge mistake on backups, I’ve come to realize that it’s time for a new GPG key.

Run virsh and access libvirt as a regular user

··194 words·1 min

libvirt logoLibvirt is a handy way to manage containers and virtual machines on various systems. On most distributions, you can only access the libvirt daemon via the root user by default. I’d rather use a regular non-root user to access libvirt and limit that access via groups.


AVC: denied dyntransition from sshd

··163 words·1 min
I’ve been working with some Fedora environments in chroots and I ran into a peculiar SELinux AVC denial a short while ago: