There are too many metrics that describes some aspects about memory in Linux. Further to an old article on this site, where several concepts were discussed, this posting will make sense of those common metrics in Linux, CentOS as an example. The most fundamental command is free and my favourite switch is -h for human … Read moreHow memory usage adds up in Linux
This is a summary of concepts in common Git operations. We will discuss brach, merge, rebase, cherrypick, stash and reset. We will not discuss pull, fetch, or push. Commit, Branch and HEAD When you run “git commit”, the following happens: Git checksums each subdirectory, and stores them as a tree object (file path and name) … Read moreCommon local Git operations
There is no doubt that organizations with lots of manual tasks should automate at least some of the IT tasks. As the automation tools such as Ansible, Puppet become mature, the skillset becomes prevalent as well. If automation is not carried out properly, they can cost the organization an arm and a leg. The ultimate … Read morePitfalls in deployment automation
This article explains how two most common authentication mechanisms (NTLM and Kerberos) work. Both authentication protocols are based on symmetric key cryptography. The protocols themselves are platform independent. NTLM Authentication NTLM is the default authentication protocol prior to Windows 2000 and still prevalent today as backup to Kerberos. It is based on challenge/response mechanism. User … Read moreNTLM and Kerberos protocols
The tough time caused by coronavirus will be over!
This article gives a very brief high-level introduction to PAM (Pluggable Authentication Module) and SSPI (Security Support Provider Interface) as authentication frameworks in Linux and Windows respectively. PAM The Pluggable Authentication Module (PAM) architecture provides a powerful abstraction for user IAM using pluggable authentication model Unix platforms. It defines a generic API for authentication and … Read moreIntroduction to Authentication Frameworks (PAM and SSPI)
Introduction Authentication is used in many protocols (such as LDAP binding) and it usually involves sending password. Given the nature of authentication protocol, its traffic encryption is usually mandatory. Simple Authentication and Security Layer (SASL) is introduced to ensure the security during authentication. It is not a single protocol, but rather a framework for authentication … Read moreSASL Authentication Mechanisms
OAuth 2.0 and OpenID Connect 1.0 are different types of protocols and they are often confused. When we talk about IAM (identity and access management), we should distinguish between AuthZ and AuthN: AutheNtication (AuthN, aka Identity Management) is about validating user’s identity by verifying that the user trying to connect is actually who it claims … Read moreOAuth and OpenID Connect