Don’t Enter Your Password Into That Website: A Rant You Need to Hear
Let me set the stage.
I came across a YouTube video the other day where the creator casually suggested that you can “check if your password has been leaked” by typing it directly into a website or tool. It was not a very popular content creator; nonetheless, I think we need to talk about this.
Understanding Login Types in Windows
Introduction
Windows operating systems offer various login types that define how users authenticate themselves and gain access to the system. Understanding these login types is crucial for both users and system administrators, as they impact security, access levels, and overall user experience in a Windows environment. In this blog post, we’ll explore the different types of logins in Windows, how to check which login type you are using, and how these types influence your permissions and capabilities within the operating system.
HTTPSorHTTP
The Illusion of Web Security: A Cautionary Tale
Alex was a bright developer. Fresh out of college and eager to make a mark, he landed a job at a promising tech startup. His first major project: build a new web application for the company’s clients. As Alex dove into the world of code, he kept hearing the same advice from his peers and mentors: “Make sure the site uses HTTPS. It’s the gold standard for web security.”
ssh trick – ssh to remote host with bastion host
A lot of the time, you have to ssh to a server through a bastion host. If you don't know what a bastion host is, then see this:
Now, in such cases, you either add an entry in “~/.ssh/config” to route the ssh connection through the bastion host, or ssh to the bastion host and then ssh from there to the actual host. But wait, there is always a better way:
https site available now with cert from cacert.org
More about cacert.org:
CAcert.org is a community-driven Certificate Authority that issues certificates to the public at large for free.
CAcert’s goal is to promote awareness and education on computer security through the use of encryption, specifically by providing cryptographic certificates. These certificates can be used to digitally sign and encrypt email, authenticate and authorize users connecting to websites and secure data transmission over the internet. Any application that supports the Secure Socket Layer Protocol (SSL or TLS) can make use of certificates signed by CAcert, as can any application that uses X.509 certificates, e.g. for encryption or code signing and document signatures.
ssh authorized keys – limit ssh session to custom command
If you want an ssh key to be able to run one custom command only and nothing beyond that, you can use the “command” option in the authorized_keys file of ssh.
For example, to limit a user to running only the top command with a key, you can add the key like this:
echo 'command="/usr/bin/top" ssh-rsa ' >>~/.ssh/authorized_keys