What is multi-factor authentication (MFA)?

2023-03-312023-04-28 ~ tmolnar0831 ~ Leave a comment

Multi-factor authentication (MFA) is a security system that requires more than one method of authentication from independent categories of credentials to verify the user’s identity for a login or other transaction1. It is a security enhancement that requires the user to provide two or more verification factors to gain access to a resource such as an application, online account, or a VPN2. The factors fall into three categories: something the user knows (such as a password or PIN), something the user has (such as a smart card or a security token), and something the user is (such as a fingerprint or other biometric data).

MFA is a security measure that can help protect against unauthorized access to your data and applications. It is recommended to use MFA for all our accounts that support it, especially for our sensitive accounts such as banking, email, and social media.

Continue reading →

What is two-factor authentication (2FA)?

2023-03-272023-04-28 ~ tmolnar0831 ~ Leave a comment

Two-factor authentication (2FA) is a security process in which users provide two different authentication factors to verify themselves. It is an identity and access management (IAM) security method that requires two forms of identification to access resources and data. 2FA gives businesses the ability to monitor and help safeguard their most vulnerable information and networks.

Continue reading →

Using Ansible Galaxy for managing Ansible roles and collections

2023-03-232023-03-19 ~ tmolnar0831 ~ Leave a comment

Ansible Galaxy is a hub for finding and sharing Ansible content, such as roles and collections. Roles are pre-packaged units of work that can be referenced in Ansible playbooks and immediately put to work. Collections are larger units that can contain multiple roles, modules, plugins, and other Ansible components.

Continue reading →

Using different Ansible Vault passwords with vault-id

2023-03-202023-03-16 ~ tmolnar0831 ~ Leave a comment

As our infrastructure grows, we may have to use secret data of different sensitivity. If our “Infrastructure as Code” is developed by different teams, maybe every team wants to protect their own passwords, API tokens, keys, etc with different Vault passwords. This is why we use IDs in Ansible Vault.

Continue reading →

Handling sensitive data with Ansible Vault: encrypting strings instead of files

2023-03-162023-03-16 ~ tmolnar0831 ~ 1 Comment

Sometimes we may want to encrypt only a single variable value or a short piece of text that we need to use in our playbook or role. For example, we may want to encrypt a user password or an API key, and not an entire file. Encrypting single variables is also a good idea when we keep our files in Source Control Management like Git.

Ansible Vault has a function to encrypt only parts of files, to encrypt variables instead of the whole file.

Continue reading →

Configuration file blueprints: Jinja2 templates in the Ansible code

2023-03-132023-03-12 ~ tmolnar0831 ~ 1 Comment

Templating is a huge work power in Ansible when we want to write reusable code. Just imagine about having to create different playbooks and roles for every host that have a slightly different configuration from each other. That would be nonsense. Luckily we have configuration file templates in Ansible to make our life easier, and Infrastructure as Code less complex. We have already used Jinja2 templates in our playbook when we included variables. Let’s investigate what else can we do!

Continue reading →

Site topic poll: DevOps & Automation or Cyber Security & Ethical Hacking

2023-03-13 ~ tmolnar0831 ~ Leave a comment

TryHackMe | RootMe [CTF write-up]

2023-03-092023-03-09 ~ tmolnar0831 ~ Leave a comment

RootMe is a bite sized WEB upload form and Linux privilege escalation exercise.

Continue reading →

How to write more advanced Ansible inventory files?

2023-03-082023-03-07 ~ tmolnar0831 ~ Leave a comment

Previously we took a look at creating a basic plain text file inventory for our Ansible automation project, but we will need more functionality when we start using it seriously. Luckily Ansible provides us some other ways to create groups of hosts and handle them. Let’s investigate what else can we do in an Ansible inventory!

Continue reading →

How to implement and use handlers in Ansible code?

2023-03-062023-03-05 ~ tmolnar0831 ~ Leave a comment

Handlers are Ansible’s solution for running specific operations only when other tasks made changes, like when we update the configuration of a web server, and we want to restart the service. Obviously we do not want to restart the Apache2 on every playbook run, only if there is a change in its configuration. This is why we use handlers.

Continue reading →

How to implement Ansible blocks in our code to group and manage tasks together?

2023-03-032023-03-03 ~ tmolnar0831 ~ Leave a comment

There are some limitations of using YAML instead of a scripting language or a DSL, but the developers of Ansible thought about the issue, and they integrated some cool, more advanced features into the tool. We can use blocks collecting and handling tasks together Let’s investigate this feature a bit more!

Continue reading →

Using Hyper-V on Windows 10 (Updated on 2023. 03. 05.)

2023-03-022023-03-05 ~ tmolnar0831 ~ Leave a comment

Hyper-V is the virtualization hypervisor technology of Microsoft. There are different versions of Hyper-V, and we can use the desktop version on our Windows 10 or Windows 11. It is similar to VMWare Workstation Pro or VirtualBox, though its feature set is quite limited.

Continue reading →