nftables: Modern Linux Firewalling
iptables is being phased out. nftables is faster, cleaner, and already the default on modern Linux. Here's how to actually use it without wanting to quit.
All the articles with the tag "sysadmin".
Linux ships with conservative kernel defaults meant for general use. These sysctl settings tune your server for networking, memory, and file I/O — with explanations, not just values to paste.
Cockpit is the modern systemd-native Linux admin panel. Webmin is the veteran that configures everything. Here's which one should be on your servers — and which shouldn't.
Adding TOTP to SSH and sudo takes 10 minutes and makes password spray attacks useless. Here's the setup that won't lock you out of your own server.
Cron has been scheduling your jobs since before you were born. Systemd timers do everything cron does, plus logging, dependencies, and missed-run recovery.
Managing authorized_keys across 10 servers is how you lose track of who has access to what. An SSH CA lets you sign keys and revoke access without touching every server.
LUKS encrypts your drives so a stolen server is just expensive recycling. Here's how to set it up, manage keys, and unlock headless boxes remotely.
An AWS engineer found Linux 7.0 halved their PostgreSQL performance. The fix was kernel tuning. Here's what settings matter and why, so you're not the last to know.
Run multiple Proxmox VMs and LXC containers behind a single public IP using NAT bridging and iptables port forwarding. Updated for Proxmox VE 8.
Attackers love finding ways to go from www-data to root. Here's how they do it, and more importantly, how you harden your Linux boxes to stop them.
Out of RAM and no time to reimage? Add swap via a file on any partition using mkswap, swapon, and fstab — done in under 5 minutes.
Count files in a directory (recursively or not) with find, ls, and tree — quick one-liners for when du just isn't telling you enough.