Stuff and things

Caution: Rant ahead. I've been reasonably happy with LastPass for around 5 years. My whole family used paid premium subscriptions. When I first had to make a choice of password managers, it essentially came down to 1Password or LastPass. At the time I preferred 1Password but had to rule it

I decided to give Let's Encrypt certificates a shot on my personal web servers earlier this year after a disaster with StartSSL. I'd like to share what I've learned. The biggest gotcha is that people tend to develop bad habits when they only have to deal with certificates once a

A great deal has been written on the subject of SSL certificate revocation. For context, I'll give a short rehash of the problem and arguments. The details of revocation aren't critical here so I'll over-simplify and pre-apologize. I encourage you to research it yourself. Suppose a CA gives you a

Sometimes, you should just stay in bed. Today was one of those days. Over my first coffee (of many) I check in with the other freebsd.org admin folks and see if there were any fires while I was asleep. I was reminded that one of our mail servers has

We don't run freebsd-update or portsnap in the freebsd.org cluster, but not for reasons you might think. It's more for philosophical and practical reasons. Having recently mentioned this in a firestorm on twitter, I will attempt to shed some light on why. The first reason is because I'm an

For the most part nginx has been my default go-to choice. While it has its quirks and strange design choices usually doesn't get in the way. Lately their refusal to backport bug fixes from their development version to the stable version has been causing some problems. Specifically, the "stable&

I confess. I use KDE on FreeBSD on my primary desktop. The nVidia drivers were the big enabler for me and it was enough to switch back from an OSX desktop to FreeBSD. My desktop demands weren't that great - my main use case was to be able to maintain

I have a problem that has irritated me for a while. I have lots of FreeBSD machines and jails. In general, all the command and control is pull based. For the most part, this works fine. Except where that's mighty inconvenient. For the sake of keeping the discussion simple, I'd

Last night's StartSSL outage - including the OCSP servers - was the last straw. I decided to give letsencrypt a go. I won't miss StartSSL - it was always painful to deal with them and having them permanently blacklist FreeBSD.org as a rogue site always bugged me. I didn't

There have been a number of how-to posts of various ages. Here's how I do it with no pain and suffering. There's some documentation in the FreeBSD handbook but it is not usable for a Comcast client configuration. Background: I use a simple FreeBSD-9 Via Nano X2 system for my

As many people in the FreeBSD community know, we're in the process of moving core parts of the FreeBSD.org cluster from one site to another. As part of the process we're taking the opportunity to pay off some of the tech debt and clean things up. In general, we're

I like twitter. I like that it encourages me to get to the point. But sometimes, it just isn't enough. Lately I've found myself resorting to pastebin-like services for adding extra information and posting a teaser with a link to twitter, but enough is enough. Behold, the blog! Yes, I've