https://ineptitude.ca/tags/security/Recent content in Security on Institute of IneptitudeHugo -- 0.153.1enWed, 03 Dec 2025 16:48:43 -0700https://ineptitude.ca/writing/1password-agent-config/Wed, 03 Dec 2025 16:48:43 -0700https://ineptitude.ca/writing/1password-agent-config/<p>If you&rsquo;re doing SSH keys right&hellip; they tend to <em>accumulate&hellip;</em></p> <ul> <li>Keys unique to various environments or even specific hosts</li> <li>Rotation (new keys generated, old keys deprecated and phased out)</li> <li>They just <em>pile-up</em> and <em>quickly</em>!</li> </ul> <p>This leads to eventual sadness:</p> <div class="highlight"><pre tabindex="0" class="chroma"><code class="language-sh-session" data-lang="sh-session"><span class="line"><span class="cl"><span class="go">sign_and_send_pubkey: signing failed for ED25519 &#34;key-abc&#34; from agent: agent refused operation </span></span></span><span class="line"><span class="cl"><span class="go">Received disconnect from 10.x.x.1 port 22:2: Too many authentication failures </span></span></span></code></pre></div><p>I&rsquo;ve mentioned this problem to ChatGPT from time to time and it has historically hallucinated promising but ultimately disapointingly nonsense &ldquo;solutions.&rdquo;</p>https://ineptitude.ca/writing/i-dig-it/Sat, 29 Nov 2025 00:00:00 +0000https://ineptitude.ca/writing/i-dig-it/<p>&hellip;and just like that, we&rsquo;re live with automated publishing. I commit to git and a CICD pipeline authenticates over OIDC and deploys to an S3 bucket that serves as an origin for CloudFront. The domain is hosted on Route53 using DNS records created and maintained by Terraform.</p> <p>I push&hellip; content gets published. What more can you want? I think this is going to work out just fine, indeed!</p>