Linux RHS333 - KERBEROS (beta)

MarGib July 19, 2026
🌐 🇵🇱 Polski · 🇬🇧 EN
Kerberos is a network authentication protocol. It was designed to provide strong authentication for client/server applications using secret-key cryptography. A free implementation of this protocol was created at the Massachusetts Institute of Technology (MIT). Many commonly used network protocols lack any security during data transmission. This fact is exploited by malicious hackers using network sniffing tools. Kerberos provides a solution that significantly increases the security of data transmitted over the network. It allows for verifying the identity of a client trying to access a server, and vice versa – the server can prove its identity to the client. This protocol also enables the encryption of all communication while maintaining data integrity.


Kerberos is a secure network authentication system based on verifying permissions using so-called tickets, which are secured with a secret encryption key. When using this mechanism, the relationship typically involves three components:

  • KDC - Key Distribution Center
  • Application Server
  • Client (machines, user terminals)

Tickets are issued by a central server called the KDC (Key Distribution Server). A local domain consists of all hosts using the same KDC to issue tickets, which can be compared to a NIS or LDAP domain. By default, the DNS domain for all members is named KERBEROS. For example, the KERBEROS domain for hosts in the example.com domain might be EXAMPLE.COM.

Every host running a network service that supports Kerberos authentication is called an application server. Each application server and each Kerberos user has an identity and a password assigned to it. The KDC stores the passwords of all users and services operating within a given domain. Users initially log in using their password, after which they are issued tickets by the KDC. Such a ticket allows the user to authenticate within the Kerberos domain and provides access to a specific service on another host where that service is running, assuming that host is also in the Kerberos domain (realm). Access to the service is possible without re-entering the password. It is standard practice to refer to a Kerberos domain as a - Kerberos realm

PRINCIPALS


Principals - a unique name, an identifier in the Kerberos realm that defines a user or a network service. A principal consists of three parts: primary, instance, and realm. Each principal has a key-encrypted password that must be remembered by the user. In the case of services, their passwords are stored in a keytab file. The KDC knows all passwords.

Each principal takes the following form:

primary/instance@REALM

where the "instance" element is optional, and if "REALM" is not provided, it takes the value defined in the file: /etc/krb5.conf.

For users, the "primary" value is their username. The "instance" value is usually not present and is used to describe roles or types of administrative access.

testowy@EXAMPLE.COM
testowy/admin@EXAMPLE.COM

The above forms of "principals" can be used for the same user, however, from the Kerberos point of view, they have separate passwords. The first version uses standard authentication. The second version is used when there is a need to perform work with administrative privileges.

A machine that is a service provider - an application server - must also have its own "principals" database. Here, however, we are talking about "principals" defining services, e.g.:

http/host1.example.com@EXAMPLE.COM
ftp/host1.example.com@EXAMPLE.COM

The above "principals" can belong to the httpd and ftp services running on the host1 machine. This host must allow network logins using sshd and rlogind. Services store their passwords in a keytab file.

AUTHENTICATION


The Key Distribution Center consists of:
  1. Authentication Server (AS) - grants TGTs to clients who want to use services available within the environment secured by Kerberos
  2. Ticket-Granting-Service (TGS) - a service that grants tickets based on a TGT
TGT - this is a special ticket (token) granted to a client (principal) with a confirmed identity in the Kerberos environment. This ticket allows the client to request further tickets for individual services.

Authorization process

  • The user enters their login and password
  • The service the client is logging into sends a request for a TGT for this "principal" to the KDC
  • The KDC sends back a TGT encrypted with the user's password to the service
  • If the service can decrypt the password contained in the TGT using the password provided by the user, the user will be logged into the service.

So, upon the first login, the user provides their username and password, which they use to authenticate with the Kerberos service. The username is converted into a "principal" format, and then a request is sent to the KDC for a TGT for the user, allowing them to request further tickets for selected services. The KDC creates a session encryption key, which will be used as the TGT. It keeps one copy locally, encrypts the second copy with the user's password, and sends it to the client.


  • The client sends a request for a ticket for a given service to the KDC using the previously received TGT
  • The KDC sends two identical copies to the client
    • One copy is encrypted using the TGT
    • The second copy is encrypted with the service's password
  • The client sends to the service
    • The ticket encrypted with the service's password
    • A timestamp encrypted using the ticket
The client uses the current TGT to decrypt the first copy of the ticket. Then, it creates an authenticator by encrypting the current timestamp using the previously decrypted ticket. The client sends the second copy of the ticket (encrypted with the service's password) along with the authenticator to the target service.

After receiving the ticket, the service decrypts it with its own password, which is stored in the keytab file. Since only the service and the KDC know the password, the service is certain that the ticket originated from the KDC. Next, the service decrypts the authenticator using the decrypted ticket. If the operation is successful, the service is certain that the client was able to decrypt the ticket received from it using a password matching the one stored in the KDC.


TICKET AND AUTHENTICATOR

A ticket allows a client to access a given service. A ticket consists of:
  1. Server name
  2. Client name
  3. Client IP address
  4. Timestamp
  5. Ticket lifetime
  6. Session key
A ticket is valid as long as its lifetime allows and can be used multiple times during that period.

The authenticator's task is to confirm that a given ticket is genuine. The authenticator is created every time a client wants to access a service. The authenticator contains:
  1. Client name
  2. Client IP address
  3. Client timestamp
The authenticator is encrypted with the session key. The timestamp in the authenticator serves as protection against automated (looped) attacks. Therefore, all hosts in the Kerberos realm must have accurate time synchronization (NTP).

KERBEROS SERVICE COMPONENTS


  1. Packages
    • krb5-server
    • krb5-libs
  2. Services
    • krb5kdc - (/usr/kerberos/sbin/krb5kdc) - Key Distribution Service
    • kadmind - (/usr/kerberos/sbin/kadmind) - Administrative database service
    • kpropd - (/usr/kerberos/sbin/kpropd) - Database maintenance service on slave servers
  3. Ports
    • UDP : 88, 464
    • TCP : 88, 749, 754
  4. Configuration files
    • /etc/krb5.conf - Main configuration file
    • /var/kerberos/krb5kdc/
      • kdc.conf - Server configuration specification
      • kadm5.acl - Access control to the administrative database
      • kpropd.acl - Slave machine permissions
      • principal - Kerberos service database
  5. Related topics
    • krb5-workstation
    • pam_krb5
    • ntp

MAIN CONFIGURATION FILE /etc/krb5.conf


The main Kerberos service configuration file is /etc/krb5.conf. This file stores information regarding settings and KDC locations. By default, the file is located in /etc/, but this can be changed by setting the KRB5_CONFIG environment variable.

Sections of the krb5.conf file :

  • [libdefaults] - controls default Kerberos libraries.
  • [realms] - settings regarding the Kerberos "realm" (domain).
  • [domain-realm] - settings defining connection maps to remote hosts in the domain
  • [capaths] - authentication paths for non-hierarchical cross-realm
  • [appdefaults] - Kerberos settings for selected applications and services
  • [plugins] - controls settings for additional modules
The most important section of the main file is [libdefaults], which controls the default Kerberos libraries used. The next important item is [realms], where "realm" settings are located, and [domain_realm], which is the configuration for remote host connections.

By default, the /etc/krb5.conf file looks like this:

[root@station1 ~]# vim /etc/krb5.conf

[logging]
 default = FILE:/var/log/krb5libs.log
 kdc = FILE:/var/log/krb5kdc.log
 admin_server = FILE:/var/log/kadmind.log

[libdefaults]
 default_realm = EXAMPLE.COM
 dns_lookup_realm = false
 dns_lookup_kdc = false
 ticket_lifetime = 24h
 renew_lifetime = 7d
 forwardable = true

[realms]
 EXAMPLE.COM = {
  kdc = kerberos.example.com
  admin_server = kerberos.example.com
 }

[domain_realm]
 .example.com = EXAMPLE.COM
 example.com = EXAMPLE.COM

INSTALLING KDC (KEY DISTRIBUTION CENTER)


The system must have the appropriate krb5-server and krb5-libs packages. Basic settings are implemented in the /etc/krb5.conf file. Additional settings are configured in /var/kerberos/krb5kdc/kdc.conf, where we can control various specific settings. Finally, there is access control, which can be set in the /var/kerberos/krb5kdc/kadm5.acl file.

Step 1 - installing the required packages.

# yum install krb5-server
# yum install krb5-libs

You will also need a Kerberos database, which we must create.

Step 2 - Creating the Kerberos database

To create the database, we use the kdb5_util tool, which allows the administrator to perform low-level operations regarding the Kerberos database.

# kdb5_util create -r REALM -s

example:

# kdb5_util create -r station1.example.com -s


NOTE!

If you are doing this for educational or testing purposes, you may wait a long time for the prompt asking for the database password. This happens because random data generated based on disk or network operations is needed, and these types of operations must take place in the system. On a machine set up in, for example, VirtualBox, not much will be happening, and we must trigger such operations artificially.

Such a trigger can look like this:

# for i in `seq 1 10000`; do echo $i > dupa$i; sync; sync; done

After performing the above operation, you will be asked to provide the master database password:

# kdb5_util create -r STATION1.EXAMPLE.COM -s
Loading random data
Initializing database '/var/kerberos/krb5kdc/principal' for realm 'STATION1.EXAMPLE.COM',
master key name 'K/M@STATION1.EXAMPLE.COM'
You will be prompted for the database Master Password.
It is important that you NOT FORGET this password.
Enter KDC database master key:
Re-enter KDC database master key to verify:

Step 3 - Editing the kdc.conf file

In the /var/kerberos/krb5kdc/kdc.conf file, we edit the [realms] section:

[kdcdefaults]
 kdc_ports = 88
 kdc_tcp_ports = 88

[realms]
STATION1.EXAMPLE.COM = {
  master_key_type = aes256-cts
  acl_file = /var/kerberos/krb5kdc/kadm5.acl
  dict_file = /usr/share/dict/words
  admin_keytab = /var/kerberos/krb5kdc/kadm5.keytab
  supported_enctypes = aes256-cts:normal aes128-cts:normal des3-hmac-sha1:normal arcfour-hmac:normal des-hmac-sha1:normal des-cbc-md5:normal des-cbc-crc:normal

Step 5 - Configuration in the kadm5.acl file




Facebook X E-mail

Comments

Dodaj komentarz

Explore

Labels

learning 15 Security 13 automation 12 news 11 Anthropic 10 Windows 10 browsers 10 Automation 9 Opera 9 Technology 9 AI ethics 8 Configuration 8 RHCE 8 Software 8 facebook 8 web applications 8 Exam 7 LLM 7 OpenAI 7 chrome 7 coaching 7 curiosities 7 technology 7 www 7 Docker 6 Microsoft 6 Mind 6 Programming 6 Red Hat 6 Web browser 6 cybersecurity 6 entertainment 6 new technologies 6 security 6 AI agents 5 ChatGPT 5 Claude AI 5 Cybersecurity 5 God 5 Performance 5 Productivity 5 algorithms 5 books 5 machine learning 5 network 5 networking 5 open source 5 programming 5 AI 2026 4 CentOS 4 Claude 4 IT security 4 LVM 4 Open Source 4 RH442 4 RHS333 4 Ubuntu 4 Vivaldi 4 Windows 10 4 Windows system administration 4 applications 4 bash 4 containers 4 future of technology 4 future of work 4 health 4 language models 4 mindfulness 4 n8n 4 people 4 photography 4 psychology 4 system administration 4 trivia 4 AI safety 3 Administration 3 Android 3 BIG DATA 3 Business 3 FIFA 3 Firefox 3 Google projects 3 Homelab 3 Installation 3 Kubernetes 3 Local AI 3 Personal Development 3 Personal Finance 3 Privacy 3 Programs 3 Python 3 communication 3 computer science 3 extensions 3 faith 3 ftp 3 games 3 good movie 3 help 3 human 3 interesting websites 3 interface 3 macOS 3 media 3 mental health 3 money 3 open-source 3 opensource 3 personal competencies 3 personal development 3 privacy 3 reading 3 religion 3 tools 3 users 3 virtualization 3 web browser 3 websites 3 AGI 2 AI Act 2 AI assistant 2 AI at work 2 AI benchmarks 2 Apache 2 Asus 2 AutoGen 2 Career 2 Centos 2 Claude 3.5 Sonnet 2 Cloud 2 Codex 2 DNS 2 Debian 2 Debugging 2 DevOps 2 Docker Machine 2 Drones 2 Education 2 Error 2 Fable 2 Free Red Hat 2 GDPR 2 GPT-4 2 Guide 2 Hardware 2 Intel 2 Intelligence 2 Japan 2 JavaScript 2 Job Market 2 Kerberos 2 Kernel 2 Linux kernel 2 Machine Learning 2 Medicine 2 Mythos 2 NIS 2 Navy SEALs 2 Netflix 2 Poland 2 Psychology 2 Puppeteer 2 RAID 2 RHEL7 2 RSS 2 Rocky Linux 2 Rust 2 Sakana AI 2 Security Network Services 2 Self-hosting 2 Servers 2 Software Engineering 2 Ubuntu Server 2 Windows administration 2 Windows errors 2 ansible 2 better life 2 brain 2 brain-computer interfaces 2 chat 2 children 2 cloud storage 2 communicator 2 communities 2 computer intelligence 2 computers 2 conferences 2 courses 2 creativity 2 critical thinking 2 curl 2 cyberattacks 2 data 2 death 2 developer tools 2 digital detox 2 digital hygiene 2 documentary 2 earning 2 emotions 2 file storage 2 file system 2 fix 2 free application 2 free courses 2 free knowledge from the internet 2 free training 2 future of AI 2 future skills 2 genius 2 hacker 2 investments 2 iostat 2 iptables 2 kernel 2 labor market 2 local AI 2 logs 2 mind manipulation 2 mind programming 2 mobile 2 mobile apps 2 mobile phones 2 motivation 2 movie 2 multimedia 2 neurotechnology 2 operating systems 2 optimization 2 overstimulation 2 partitions 2 performance 2 personal thoughts 2 philosophy 2 photos 2 plugin 2 podcast 2 prompt 2 regulations 2 sar 2 scientific facts 2 self-development 2 shell 2 social media 2 software 2 technological innovations 2 technology addiction 2 terminal 2 torrent 2 trick 2 virtualbox 2 wealth 2 weather 2 web 2 wisdom 2 youtube 2 (Treści etykiet nie zostały podane w treści wejściowej) 1 120B models 1 2026 photography market 1 21st Century Skills 1 2FA 1 2nm processors 1 3D printing 1 5 GHz 1 6 GHz 1 64 bit 1 7 1 ACT therapy 1 AF_ALG 1 AGAT 1 AI API key theft 1 AI Agents 1 AI Frameworks 1 AI Governance 1 AI History 1 AI Safety 1 AI addiction 1 AI agent attack 1 AI autonomy 1 AI censorship 1 AI chatbots 1 AI collaboration 1 AI cyber threats 1 AI cybersecurity 1 AI future 1 AI governance 1 AI in Linux 1 AI in art 1 AI in education 1 AI in healthcare 1 AI in industry 1 AI in school 1 AI in science 1 AI in sports 1 AI integration 1 AI interaction 1 AI on mobile devices 1 AI optimization 1 AI regulation 1 AI security 1 AI superchips 1 AI threats 1 AI tool attacks 1 AI tools 1 AI workflows 1 AIMP 1 AMD ROCm 1 AMLD6 1 API 1 API key protection 1 AWS 1 Acquisition 1 Agentjacking 1 Alan Watts 1 Alexander Gerst 1 Alfred 1 AlmaLinux 1 Alpine Linux 1 Amazon Kuiper 1 Andrej Karpathy 1 Anonymous 1 Apple 1 Apple 2025 1 Apple Silicon 1 Aria AI 1 Audacity 4 1 AutoJack 1 Azure 1 BCI 1 Backstage 1 Banking 1 Bash 1 Bazel 1 Bible 1 Big Data 1 Bill Warner 1 Biotechnology 1 Black Mirror 1 Blackwell B100 1 Blockchain 1 Bonding 1 Bono 1 Business and Finance 1 C++ 1 CCPA 1 CPU 1 CUA 1 CUDA 1 CVE-2026 1 Career Development 1 Chat GPT 1 Chemtrails 1 ChildOnlineSafety 1 Claude Cowork 1 Claude Fable 1 Claude Sonnet 5 1 Coaching 1 Computer-Using Agent 1 Constitutional AI 1 Copilot 1 Copilot for Finance 1 Couching 1 CrewAI 1 Cryptocurrencies 1 Cyberbullying 1 DFS 1 DMA 1 DORA 1 DSA 1 Dario Amodei 1 Darwin 1 Data Science 1 Deep Learning 1 Deep Reading 1 DeepSeek 1 Deepseek 1 Deluge 1 Devin AI 1 Diagnostics 1 Digitalization 1 Distributions 1 Docker containers 1 Drivers 1 Dystrybucje 1 E2EE 1 E2EE vulnerabilities 1 EA GAMES 1 EA SPORTS 1 Earth AI 1 Economics 1 Email 1 Emigration 1 Enterprise Linux 1 Entrepreneurship 1 Epicureanism 1 European Funds 1 European Union 1 European technology 1 Excel 1 FIFA 16 1 Facebook 1 Fact-checking 1 Fake News 1 Flannel 1 Flynn Effect 1 Football 1 Formoza 1 Foundation 1 Free 1 Free Software 1 Free software 1 Fugu Ultra 1 Future 1 Future of Finance 1 Future of Work 1 GLM-5.2 1 GPG Tools 1 GPT 1 GPT-4.5 1 GPT-4o 1 GPT-Live 1 GPU Cloud 1 GROM 1 GRUB 1 GUI 1 Gemini 1 Gemma 4 1 Generation Z 1 GhostLock 1 GitHub 1 GitOps 1 Golden Gate 1 Google Assistant 1 Google DeepMind 1 Google Gemma 4 12B 1 Google Research 1 Google activity 1 GoogleFamilyLink 1 Goose 1 Got Talent 1 Gregory Kurtzer 1 Guides 1 HTML 1 Hardware Requirements 1 Health Intelligence 1 Hygge 1 IAM 1 IBM 1 IDE 1 IDE security 1 IQ 1 ISIS 1 ISO 1 ISS 1 IT 1 IT automation 1 IT costs 1 IT history 1 Innovation 1 Intelligent email 1 Internet Browser 1 Internet browser 1 InternetEducation 1 Interview 1 Islam 1 Islamic State 1 Jacquard 1 Jboss 1 Jellyfin 1 JetBrains Marketplace 1 Jetson Thor price 1 Joel Pearson 1 Kali Linux 1 Karen Hao 1 Khan Academy 1 Kimi K3 1 Kodi 1 Kylian Mbappé 1 LLM Deployment 1 Labor Market 1 LangChain 1 Legal regulations 1 LibreOffice 1 Linus Torvalds 1 Linux 7.3 1 Linux automation 1 Linux diagnostics 1 Linux for business 1 Linux system tools 1 Linux task management 1 Linux task scheduling 1 Logs 1 Londoners 1 MAS 1 MCP 1 MFA 1 MLX 1 Maps 1 MarGib_Film 1 Marek Jankowski 1 Mars helicopter 1 Material Design 1 Matt Pocock 1 Microsoft 365 1 Military 1 Mindfulness 1 Mistral AI 1 Miłosz Brzeziński 1 Model Context Protocol 1 Monitoring 1 Moonshot AI 1 MrBallen 1 Multi-Agent Systems 1 My take 1 NATO 1 NFS 1 NIS2 1 NTFS 1 NVIDIA 1 NVIDIA Blackwell 1 NVIDIA Jetson Thor 1 National security 1 Neural Networks 1 New 1 Nginx 1 No comment 1 Node.js 1 Non-profit 1 Notion 1 Nvidia 1 Odysseus 1 OneTrust 1 OpenSSL 1 Opera Air 1 Opera Neon 1 Opera Touch 1 Operating Systems 1 P2P 1 PARP 1 PDF conversion 1 PDF editor 1 PDF merging 1 Pac-Man 1 Pekao S.A 1 Peperclips 1 Perceptron 1 Personal development 1 Philosophy 1 Photoshop 1 Playwright 1 Plex 1 Poland 2026 1 Poles 1 Polish universities 1 PostgreSQL 1 PowerShell 1 Preview 1 Project Maven 1 Project TANGO 1 Proton Drive 1 Proxmox 1 PyTorch 1 Qt Creator 1 Quick Actions 1 Quota 1 Quotes 1 RHEL 1 RHEL8 1 RHSCA 1 RPM 1 Raspberry PI 1 Raspberry Pi 1 Raspbian 1 Raycast 1 Red Hat 8 1 Red Hat Enterprise Linux Developer Suite 1 Red Hat Network Satellite 1 RedHat 8 1 Regex 1 Robo-advisors 1 Routing 1 SMEs 1 SUSE 1 SafeInternet 1 SaferInternetDay 1 Safety 1 Sakana Fugu 1 Search 1 Sector 3.0 Festival 1 Security Auditing 1 September 23 2017 1 Server Administration 1 Signal 1 Smart City 1 Snip. 1 Social Media 1 Soli 1 Solo Projects 1 Solopreneurship 1 Something from myself 1 Sound 1 Sovereign AI 1 Sport 1 Spotify 1 Stacher.IO 1 Stacher.IO installation 1 Starlink 1 Steam Deck 1 Stoicism 1 SysAdmin 1 System Administration 1 Tech 1 Tech Weekly 1 Telegram 1 TensorFlow 1 The Shack 1 Time Management 1 Tips 1 Tokenomics 1 Tools 1 Tribler 1 Tutorial 1 U.S. 1 U.S. government 1 U2 1 UI testing 1 USB 1 UV 1 Ubuntu 26.04 1 VentuSky 1 VirtualBox 1 Virtualization 1 WBC 1 WSL 3 1 WWDC 2026 1 WWDC26 1 Warsaw 1 Weave 1 Web Scraping 1 Websites 1 WhatsApp 1 Wi-Fi 6 1 Wi-Fi 6E 1 Wi-Fi channels 1 Windows update 1 Work 1 Workflow 1 World Cup 1 World Cup 2026 1 World Cup AI 1 World Wide Web 1 X-Files 1 X-files 1 YouTube 1 Yuval Noah Harari 1 ZUS 1 ZenFone 1 Zero-Touch OAuth 1 Zorin OS 1 a drop of motivation 1 about this blog 1 academic fraud 1 access control 1 account security 1 achieving goals 1 ad blocking 1 addiction 1 administrator 1 agent systems 1 aids 1 ampere altra 1 analog photography 1 animations 1 application prototyping 1 arm servers 1 arm64 1 assertiveness 1 astronomy 1 at one-time tasks 1 at vs cron 1 atd daemon 1 audio 1 audio editing 1 authenticity in art 1 authorization 1 autofs 1 automateit 1 automation security 1 automation system attack 1 autonomous cars 1 awareness 1 awk 1 aws graviton 1 bank 1 bash on windows 1 bat files 1 batch 1 battery 1 beliefs 1 beta 1 better living 1 better quality 1 big data 1 bin/bash 1 biodiversity 1 blocking 1 blogger 1 body language 1 bookmarks 1 boot 1 bootable usb 1 boxing 1 browser automation 1 business intelligence 1 c# 1 cache 1 calc 1 campaign 1 cards 1 centralized platforms 1 chemistry 1 child psychology 1 children's emotional development 1 city design 1 clearance 1 cli tools 1 climate change 1 clothing industry 1 cloud 1 cmd 1 code editor 1 cognitive abilities 1 cognitive psychology 1 coldplay 1 command history 1 command line 1 command prompt 1 commando training 1 comments 1 compliance 1 compliance automation 1 compliance tools 1 computer interaction 1 computer performance 1 concentration 1 configuration management 1 conntrack 1 console 1 conspiracy 1 conspiracy theories 1 controversial 1 converter 1 corporate world 1 cost optimization 1 courage 1 courses for free 1 cron 1 cryptography 1 cynics 1 dark mode 1 data security 1 database 1 datasette 1 date and time 1 deep brain stimulation 1 deep learning 1 democracy 1 desertification 1 design patterns 1 design systems 1 developers 1 digital addiction 1 digital clothing 1 digital competencies 1 digital education 1 digital ethics 1 digital habits 1 digital manipulation 1 digitalization 1 disqus 1 document 1 document conversion 1 document signing 1 dreams 1 drop of motivation 1 drought 1 dubai 1 dying 1 e-book 1 eBPF 1 ecology 1 economy 1 ecosystem restoration 1 edge computing 1 elections 1 encryption 1 end of the world 1 end of world 1 end-to-end encryption 1 energy 1 energy efficiency 1 environment and health 1 ethical AI 1 evolution 1 excel 1 exploitation 1 extreme 1 fdisk 1 file sharing 1 file size 1 film zone 1 firewall 1 flash drive 1 flat earth 1 flying 1 food 1 football 1 for sale 1 format change 1 free 1 free software 1 friend location 1 future of architecture 1 future of education 1 future of energy 1 future of humanity 1 future of medicine 1 future of the brain 1 future of the internet 1 future of transport 1 game 1 geoengineering 1 global connectivity 1 google chat 1 graphics 1 graphics editors 1 growing up 1 hacking 1 happiness 1 hard-link 1 hashing 1 hedonic adaptation 1 helion 1 history 1 hivemind 1 hobby 1 home hosting 1 homelab 1 hostname 1 hostnamectl 1 hosts.allow 1 hosts.deny 1 how many people live on earth 1 httpd 1 humanity 1 humor 1 hybrid cloud 1 iOS 1 iPhone 18 Pro 1 iPhone launch 1 iSCSI 1 iftop 1 image generation 1 immortality 1 influencer criticism 1 information manipulation 1 infrastructure 1 infrastructure scalability 1 innovation 1 installation 1 integrations 1 intelligence 1 internet applications 1 investigative journalism 1 investing 1 jailbreaking 1 javascript 1 job market 1 kernel security 1 keyboard shortcuts 1 kuba wojewódzki 1 light 1 limits 1 linux kernel 1 livepatch 1 login 1 loop-audit 1 loop-cost 1 loop-init 1 macOS Sequoia 1 machine cloning 1 magic 1 make life harder 1 making money 1 malicious JetBrains plugins 1 malware in IDE 1 markdown 1 markitdown 1 material design 1 media streaming 1 medicine 1 meditation 1 memory 1 message security 1 messenger 1 meteorology 1 microsoft 1 microtargeting 1 military ethics 1 mobile applications 1 mobile photography 1 model interpretability 1 modern technologies 1 monitoring 1 monorepo 1 mounting 1 mounting image 1 mp3 player 1 mpstat 1 multimedia tools 1 multimodality 1 music 1 music player 1 mysteries 1 n8n security 1 national defense 1 nature conservation 1 net use 1 nethogs 1 network cards 1 network monitoring 1 network resources 1 network security 1 neurobiology 1 neuroenhancement 1 neuroplasticity 1 neuropsychology 1 new life 1 new player 1 new things 1 nftables 1 office 1 onboarding 1 one-time cron 1 onestep4red 1 online 1 online courses 1 online privacy 1 operating system 1 outage 1 package manager 1 paper clips 1 paradox of the fulfilled dream 1 parenting 1 parents 1 parted 1 password 1 password change 1 password policy 1 password recovery 1 password security 1 passwords 1 pdf 1 penetration testing 1 perseverance 1 persistent memory 1 personal data 1 phishing 1 php 1 plagiarism detection 1 plague 1 player 1 poison 1 police 1 predictions 1 privilege escalation 1 processes 1 productivity 1 productivity tools 1 promissory notes 1 protection 1 ps 1 python 1 questions 1 radar 1 raspberry pi 5 1 real-time AI 1 red 1 relax 1 relaxation 1 remote work 1 renewable energy sources 1 reportage 1 rest 1 risk 1 robotaxi 1 root 1 router 1 routing 1 runlevel 1 satellite data 1 satellite internet 1 science 1 scientific research 1 scraping 1 screen 1 screenshot 1 self-hosting 1 series 1 server 1 settings 1 shadow AI 1 show 1 skills 1 skydive 1 sleep 1 small big company 1 smart clothing 1 smartphone 1 smartphones 1 social engineering 1 society 1 software engineering 1 space 1 space technology 1 special forces 1 sport 1 sports 1 spreadsheet 1 sqlite 1 stale data 1 stalking 1 statistics 1 streaming 1 sub-millimeter sensor 1 success 1 symbolic link 1 syngrapha 1 sysctl 1 syslog 1 system acceleration 1 system diagnostics 1 system kernel 1 systemd 1 tablet 1 talk show 1 tcpdump 1 technical documentation 1 technology 2026 1 technology ethics 1 technology future 1 technology regulations 1 television 1 terrorism 1 testing 1 the world in numbers 1 theology and science 1 threats 1 time management 1 time travel 1 timelapse 1 tips 1 traditional photography 1 tutorials 1 two-factor authentication 1 ubuntu 1 udev 1 upbringing 1 updates 1 user interface 1 video conversion 1 violence in the military 1 viral 1 walking 1 walking meetings 1 water retention 1 weather forecasting 1 webmaster 1 wellbeing 1 wind energy 1 wind turbine optimization 1 windows automation 1 wireless network 1 word processing 1 work 1 work automation 1 world 1 world cup 2026 1 world wide web 1 you are a miracle 1 yum 1 zeitgeist 1

Blog archive

Table of contents