|
Updated my ssh banner today, happy Friday IT goons
|
# ? Oct 11, 2019 23:26 |
|
|
# ? Apr 25, 2024 12:07 |
|
Tab8715 posted:Curious, what’s the bare minimum that any system administrator should know about certificates? openssl x509 -in fuckthis.pem -noout -text Methanar fucked around with this message at 23:34 on Oct 11, 2019 |
# ? Oct 11, 2019 23:32 |
|
It was only last year that I found a good starter/explainer for certs, and not having a basic conceptual map was a real stumbling block for me. Between that and getting thrown in the deep end to build up a new PKI environment for a major financial institution last year (before they decided they had ~80 more infrastructure people than they really needed), now I like working with certs and want to spend more time making them invisible scaffolding for society. Also running OpenSSL on Windows has been a pain in the butt for years, until they made functional PowerShell ports.
|
# ? Oct 11, 2019 23:45 |
|
Doing my first prod upgrade after hours on a friday. Someone's application stopped reading from redis for a moment (don't know if it was even related to me). Gave me a loving heart attack.
|
# ? Oct 12, 2019 02:04 |
|
CLAM DOWN posted:I know certs really well and have run PKI for large enterprises, and I actually like working with and talking about certs. You’re not alone. I’ve learned a lot working for the PKI team of an international bank and maintaining their CA’s and do key exchanges with large payment providers (swift, mastercard, equens and the likes). The only thing that sucks now is being aware how badly PKI is being handled in most companies. More often than not I see no auto enrollment functionality or people sharing/copying keypairs over dozens of machines.
|
# ? Oct 12, 2019 11:59 |
|
This typhoon is really messing everything up!
|
# ? Oct 12, 2019 14:16 |
|
What is a realistic starting salary for programming (any language) in the Midwest? I overheard a guy say he was getting “mid level pay” at 150k. I’m assuming he has at least a few years of experience.
|
# ? Oct 12, 2019 14:46 |
|
The Midwest is huge and could mean Chicago or rural Ohio, so you'll need to be more specific. $150k seems high either way imho
|
# ? Oct 12, 2019 15:21 |
|
Bigass Moth posted:What is a realistic starting salary for programming (any language) in the Midwest? I overheard a guy say he was getting “mid level pay” at 150k. I’m assuming he has at least a few years of experience. 150 is not mid level pay at all. We have senior guys with CS masters degrees in Austin making 130. 150 is really high outside the Bay Area and would probably involve management tasks, or have the title “principal” in front of it for us. Guy is full of poo poo. We start the jr guys in the 80-90k range last I heard.
|
# ? Oct 12, 2019 15:22 |
|
This is in Louisville, I thought it sounded high but it’s hard to get a frame of reference. Maybe his company is letting him work remote?
|
# ? Oct 12, 2019 15:25 |
|
Unless you're working remote for a bay area company, entry/jr coding pay in a low CoL city is probably 50-60k. Edit: yup
|
# ? Oct 12, 2019 16:48 |
|
Sirotan posted:The Midwest is huge and could mean Chicago or rural Ohio, so you'll need to be more specific. $150k seems high either way imho
|
# ? Oct 12, 2019 17:57 |
|
Bigass Moth posted:What is a realistic starting salary for programming (any language) in the Midwest? I overheard a guy say he was getting “mid level pay” at 150k. I’m assuming he has at least a few years of experience. Is that base salary or total comp including equity and perks
|
# ? Oct 12, 2019 18:03 |
|
Bigass Moth posted:What is a realistic starting salary for programming (any language) in the Midwest? I overheard a guy say he was getting “mid level pay” at 150k. I’m assuming he has at least a few years of experience. Straight out college? At a minimum assuming cost of living isn't a big city probably $55k/y with great benefits but quickly ramps up. When you see large salaries from my experience these are general large F500 Companies - or it's senior or some position where it involves quite a bit of leadership over vendors or internal IT staff. skipdogg posted:150 is not mid level pay at all. $150k can be done for F500 Companies not in the bay area or larger popular/prestigious ones but you've got have an awareness of the typical politics in a white collar position.
|
# ? Oct 12, 2019 18:31 |
|
Here in my area of SC, IT management salaries range from like the 60-100k depending on industry. I'd say a 4 year degree would yield you a 40-50k starting salary. Of course, this is offset by the cost of living being very cheap.
|
# ? Oct 12, 2019 20:22 |
|
CLAM DOWN posted:Spot the issue That's a pretty good bonus, what's the salary?
|
# ? Oct 12, 2019 22:01 |
|
Sickening posted:I despise jump boxes. Getting people to consistently design administrative duties around them for the desired level of security is a gigantic pain the rear end. Its like herding cats. Corporate just disabled RDP on all client machines except for connections from a whitelisted set of jumpboxes for security reasons. RDP to servers is still OK. That seems kinda backwards, but if you can trust your servers to be really well maintained compared to desktops it makes sense. I don't know how well managed the servers really are, but I do know how well the desktops aren't. I just dropped a list of the local jumpboxes into Google Keep and moved on with my life. 5er posted:It's kinda tough, being intermediate with linux, working with someone who is very advanced with linux but seems to think the information you need just naturally materializes in a human brain, and thinks the absolute best way a person learns how to do linux things is to not be taught anything from someone who knows and to resort to google forever until you figure it out. That's how they learned, but mentoring doesn't even occur to many experts as a thing to do.
|
# ? Oct 12, 2019 22:39 |
|
really when u think about it a vpn is just a jump box too...
|
# ? Oct 13, 2019 00:15 |
|
Vargatron posted:Here in my area of SC, IT management salaries range from like the 60-100k depending on industry. I'd say a 4 year degree would yield you a 40-50k starting salary. Of course, this is offset by the cost of living being very cheap. How's the job market in SC for IT? My parents are moving to the Myrtle Beach area next year and want me to follow them.
|
# ? Oct 13, 2019 00:30 |
|
mllaneza posted:
Half the stuff I've learned, was from googling, not needing to ask. The other half came from asking after being stymied, being given the proverbial 'fish', then reverse engineering how to fish from knowing the right answer as a clue. I just finished RH124 and 134 this past month, and there's a fuckload of little and big things I wish I had known sooner. Another human telling you how a command work and which flags are ideal, goes a lot farther than a man file with me.
|
# ? Oct 14, 2019 01:20 |
|
mllaneza posted:That's how they learned, but mentoring doesn't even occur to many experts as a thing to do. The hard truth is that there is little benefit for people to mentor. The company and the learner greatly benefit, but not the mentor. Often it can lead to a negative as you teach people who make less to do what you do, making you easier to replace. I wish that wasn’t the case.
|
# ? Oct 14, 2019 01:32 |
|
Sickening posted:The hard truth is that there is little benefit for people to mentor. The company and the learner greatly benefit, but not the mentor. Often it can lead to a negative as you teach people who make less to do what you do, making you easier to replace. Mentoring done well builds your network, unless everyone you mentor remains your junior or never leaves their current employer.
|
# ? Oct 14, 2019 01:47 |
|
Sickening posted:The hard truth is that there is little benefit for people to mentor. The company and the learner greatly benefit, but not the mentor. Often it can lead to a negative as you teach people who make less to do what you do, making you easier to replace. If you mentor yourself out of a job you were way overdue for a new one anyway.
|
# ? Oct 14, 2019 03:00 |
|
Tab8715 posted:Curious, what’s the bare minimum that any system administrator should know about certificates? For some "learn from my mistakes" tips: Keep backups of every private key, keep track of when they expire, if you manually install don't leave copies of the private key on the servers hard drive, don't over use wildcard certificates.
|
# ? Oct 14, 2019 17:01 |
|
Heffer posted:For some "learn from my mistakes" tips: The expiration thing is a real kicker, depending on your business processes, I'd recommend setting up some sort of alert at least a month before it expires, if you have cumbersome purchasing processes or people will throw up roadblocks continuously, give yourself more time. Every cert authority I've dealt with will tack on time to your cert, so if you're 2 month from expiring and purchase a new cert, that cert will expire in 14 months instead of just 12; basically you lose nothing by being ahead of the game and everything by being late. I can't tell you how many times certs have expired because I've gotten stonewalled during either the purchasing part or just getting the go-ahead to install the loving thing.
|
# ? Oct 14, 2019 17:09 |
|
The expiration thing is why I wish more cert providers would start supporting ACME for DV certs. I get that a lot of people can't use Let's Encrypt for one reason or another, but they have proven pretty conclusively that DV cert renewal doesn't need to involve any human interaction and really shouldn't. Regarding wildcard certs, my recommendation would be to think long and hard about any use of them in a production environment due to the power they hold if they're ever compromised. Personally my only use of them is with a cluster of servers that host <customer>.ourdomain.com. Every subdomain of that particular domain is either a CNAME or SRV records pointing at that cluster so there's no added security risk, the only names you could impersonate with that cert are the ones pointed at the very machines you'd have to have compromised to get it. One other thing worth noting about any kind of public certificate authority is that the certificate metadata will be posted to Certificate Transparency logs. Certificates you get issued for internal services will leak their DNS names to the world. Shouldn't be a huge deal for business use, as presumably anything you need a public cert for is something you're intentionally exposing to the general public, but for "home lab" use if you're not careful the cert on your VPS might expose the name you use for your home services and thus your home IP. wolrah fucked around with this message at 17:55 on Oct 14, 2019 |
# ? Oct 14, 2019 17:40 |
|
Most things are better if you can reduce/eliminate the human<->computer interaction.
|
# ? Oct 14, 2019 17:43 |
|
I hope you Canadians are enjoying Thanksgiving today, and I hope you yanks are enjoying a full day of work
|
# ? Oct 14, 2019 17:46 |
|
CLAM DOWN posted:I hope you Canadians are enjoying Thanksgiving today, and I hope you yanks are enjoying a full day of work It's Columbus day so some folks aren't working, maybe like 5% of the work force has off because we're all slave laborers.
|
# ? Oct 14, 2019 17:48 |
|
CLAM DOWN posted:I hope you Canadians are enjoying Thanksgiving today, and I hope you yanks are enjoying a full day of work I take american holidays
|
# ? Oct 14, 2019 17:49 |
|
My employer is celebrating Indigenous Peoples Day, so while we are in the office we're getting catered lunch, there's some other events going on, and the office is closing early.
|
# ? Oct 14, 2019 17:49 |
|
CLAM DOWN posted:I hope you Canadians are enjoying Thanksgiving today, and I hope you yanks are enjoying a full day of work Just the one day off huh
|
# ? Oct 14, 2019 17:54 |
|
The Fool posted:My employer is celebrating Indigenous Peoples Day, so while we are in the office we're getting catered lunch, there's some other events going on, and the office is closing early. Oh that's awesome!!! Your employer is loving rad for recognizing that.
|
# ? Oct 14, 2019 17:55 |
|
CLAM DOWN posted:I hope you Canadians are enjoying Thanksgiving today, and I hope you yanks are enjoying a full day of work
|
# ? Oct 14, 2019 17:57 |
|
Methanar posted:I take american holidays Weird way to say sick leave.
|
# ? Oct 14, 2019 18:09 |
|
Sprechensiesexy posted:Weird way to say sick leave. Weird way to say "fired because you couldn't get into work on new year's day"
|
# ? Oct 14, 2019 18:25 |
|
CLAM DOWN posted:Oh that's awesome!!! Your employer is loving rad for recognizing that. We are tribal government adjacent, so it makes sense. The whole thing is pretty cool though. They've got a craft fair running downstairs right now, and there will be some traditional dancers doing a show at the end of the day.
|
# ? Oct 14, 2019 18:49 |
|
My office is closed for Indigenous Peoples day because I work for a good company.
|
# ? Oct 14, 2019 19:03 |
|
deedee megadoodoo posted:My office is closed for Indigenous Peoples day because I work for a good company.
|
# ? Oct 14, 2019 19:49 |
|
|
# ? Apr 25, 2024 12:07 |
|
Was installing a new receipt printer at work, and had forgotten to clear out the print queue and change the driver. New printer was a different model/driver, so when I turned the printer on, it quickly spit out 15ft of garbled junk before I could stop it. One of the cashiers immediately asked "Are we printing CVS sized receipts now?" I loled. Edit: For those not in the US or aware of it.. CVS is a drug store chain well known for regularly printing 5ft+ long receipts for simple purchases like a pack of gum. They even have their own subreddit.. http://reddit.com/r/cvsreceipts stevewm fucked around with this message at 20:17 on Oct 14, 2019 |
# ? Oct 14, 2019 20:02 |