Hardening your shell: dotfiles that defend by default
A locked-down .bashrc is your first firewall. Sane umasks, history hygiene, and aliases that stop you fat-fingering rm -rf.
Field logs from the command line — dispatches on shells, security, kernels, and the small automations that keep a system honest.
A locked-down .bashrc is your first firewall. Sane umasks, history hygiene, and aliases that stop you fat-fingering rm -rf.
Panes, sessions and detach: how to build a persistent command-line cockpit you can resume from any machine, anywhere.
Read More →Every running process leaves a paper trail under /proc. A tour of the pseudo-files that reveal memory, limits and open handles.
Fire up tcpdump, read a three-way handshake by eye, and learn to spot the chatty daemon leaking data on your LAN.
Short-lived secrets beat long-lived ones. A pragmatic rotation workflow with ssh-keygen, agents, and an audit trail.
No orchestrator, no YAML sprawl. Symlink swaps, health checks and a clean rollback path — all in eighty readable lines.
Read More →A transitive package you never chose can own your build. How to read a lockfile, pin hard, and cut the supply-chain blast radius.
Read More →Timezones, overlapping runs and silent failures. Writing crontab entries you can trust to fire at 03:00 and log when they don't.
Read More →When a process stalls and the logs stay silent, strace shows you the exact syscall it's blocked on. A field guide to reading the trace.