Learning to defend and attack systems the ethical way — tools, labs, walkthroughs, and principles.
Twenty common SSH errors on Ubuntu with diagnoses and fixes. Connection refused, permission denied, host key verification failed, and the rest. Listicle referen
20 Common SSH Errors on Ubuntu (and How to Fix Each One) Read More »
SSH tunneling on Ubuntu explained with worked examples. Local forwards (-L), remote forwards (-R), dynamic SOCKS proxies (-D), and when each is the right tool.
SSH Tunneling Explained: Local, Remote, and Dynamic Forwards Read More »
Transfer files over SSH on Ubuntu using SCP, SFTP, and rsync. Worked examples for upload, download, recursive copies, preserving permissions, and when to use wh
SCP and SFTP on Ubuntu: Transfer Files Over SSH (with Examples) Read More »
Install and configure fail2ban for SSH on Ubuntu. Default jail config, custom ban times, whitelisting your own IP, and how to unban yourself when you inevitably
Fail2ban for SSH on Ubuntu: Setup, Tuning, and the Day It Banned Me Read More »
Eight SSH server settings that close the brute-force vector. Disable password auth, restrict users, change the port, set MaxAuthTries, and more. Tested on Ubunt
SSH Server Hardening: 8 Settings That Stop Brute-Force Logins Read More »
Generate, install and use SSH keys on Ubuntu. Covers Ed25519 vs RSA, key permissions, ssh-copy-id, the authorized_keys file, and the agent.
SSH Key Authentication on Ubuntu: From Keygen to Login Read More »
Step-by-step SSH setup for Ubuntu Server. Covers 22.04, 24.04, and 26.04, including the systemd socket activation change in 24.04 that breaks most older tutorials.
Enable SSH on Ubuntu Server: Complete Setup Guide (22.04, 24.04, 26.04) Read More »
How to Install Vaultwarden with Docker (Self-Hosted Bitwarden Alternative) In December 2022, LastPass disclosed that attackers had stolen encrypted password vaults for millions of users. Not metadata. Not email addresses. The actual vaults. The ones containing every password, every note, every saved card. LastPass assured everyone that vaults were safe as long as users had
How to Install Vaultwarden with Docker (Self-Hosted Bitwarden Alternative) Read More »
This week a global medical technology company had their Microsoft tenant compromised. The attackers didn’t deploy custom malware. They logged into the Intune admin console and used the built-in device management tools to trigger a bulk wipe across the entire managed device fleet. From the field: This came from a real incident. A client had
How to Prevent an Intune Bulk Wipe (and Detect One Before It’s Too Late) Read More »
The UK, US, Australia, EU and Canada all publish cybersecurity frameworks with the same five controls. If you run a homelab, you already practise all five – not because you studied a framework, but because things break if you don’t.
5 Security Basics Your Homelab Already Teaches You Read More »
