More

_bernd · 2026-04-04T15:28:18 1775316498

A path should be written `/root`...

_bernd · 2026-04-03T23:10:31 1775257831

You can also configure multiple CA for client auth, and on the client side multiple ca to verify host keys.

_bernd · 2026-03-31T21:29:42 1774992582

Tfa contains the whole session dude.

_bernd · 2026-03-28T22:15:50 1774736150

I will definitely start to read this out loud to my 5 year old. He will love it. Thanks for sharing your finding.

goku12 · 2026-03-29T07:57:19 1774771039

Just FYI. Almost every launcher that offers commercial services has such a user manual. I was involved in preparing one such manual. A collection of these manuals can be quite entertaining for 5 year olds. You should be able to easily find them from the websites of the respective companies or agencies.

_bernd · 2026-03-29T17:19:54 1774804794

Thanks for the tip. I only knew about old manuals of the space shuttle.

themafia · 2026-04-02T03:43:46 1775101426

NTRS is an amazing resource for that:

https://ntrs.nasa.gov/search?q=shuttle&page=%7B%22from%22:0,...

kevin_thibedeau · 2026-04-02T01:19:03 1775092743

Have an LLM rewrite it in Seussian verse.

_bernd · 2026-03-18T10:28:51 1773829731

You can also sign ssh host keys with an ssh ca.

See ssh_config and ssh-keygen man-pages...

_bernd · 2026-02-26T18:16:16 1772129776

In addition to equvinox (hey again): In enterprise networks you should rely on 802.1x or what's also valid use case is the use of ipsec to ensure the local client connection is "safe".

supernetworks · 2026-02-26T18:35:41 1772130941

Some 802.1x have inherent mitm attacks that have been called out since 2004 and never got the v2 (https://www.rfc-editor.org/rfc/rfc6677.html). EAP-TLS however is the best practice here + VLANs.

_bernd · 2026-02-26T19:02:55 1772132575

What do you think about to just use open networks and the use of IPsec/wireguard?

_bernd · 2026-02-13T17:29:26 1771003766

> and thought to myself "they do textbooks?".

Indeed: https://systemsapproach.org/books-html/

If you are cheap on money, but you do have time, and like to get into networking, I can only highly recommend https://book.systemsapproach.org/

_bernd · 2026-02-13T19:36:38 1771011398

The link to https://book.systemsapproach.org/internetworking/routing.htm... is in the first paragraph.

_bernd · 2026-02-09T10:00:27 1770631227

I.e. bird detects interface failure but this affects only your side of decision making. For bidirectional failure detection you do BFD with BGB. BFD default timers are 3 times 30 ms, iirc.

_bernd · 2026-01-31T10:14:19 1769854459

You can configure your assigned network numbers that other AS are allowed to announce certain networks of your own. Not uncommon for in examples authoritative name server addresses.

deceptionatd · 2026-01-31T10:38:53 1769855933

TIL, I always thought IP:ASN mappings were 1:1.

_bernd · 2026-01-31T10:57:51 1769857071

With cloud providers and such the wording could also be "bring your own address".

_bernd · 2026-01-24T16:09:59 1769270999

Here you go: https://en.wikipedia.org/wiki/Resource_Public_Key_Infrastruc...

eqvinox · 2026-01-24T16:14:10 1769271250

That, and ASPA, and https://manrs.org/