Given our experience with SSH we are often asked about restricted shells. In this article we cover some common ways so-called 'secure restricted shells' are implemented to show what works and what doesn't work.
What is a microservice? Should you be using microservices? How are microservices related to containers and Kubernetes? If these things keep coming up in your day-to-day and you need an overview in 10 minutes, this blog post is for you.
An overview of Teleport's SSH certificate authority pinning capability and discussion of how HTTP public key pinning (HPKP) can be used to improve SSH CA user experience.
The universe of serverless-wielding software architects and Kubernetes cluster operators has started to collide and, yet again, Google is in the driver's seat. In this article we'll wander down the CNCF's Serverless Landscape in chronological order, quickly discovering that Knative is the sweet mamba jamba of open source lambda competitors.
In this post we'll explore K8s community decision making process by looking underneath the hood of the 'kerfluffe' of Google LLC being called out by Samsung SDS engineers for skipping 'graduation criteria' while merging the new 'kustomize' subcommand into upstream 'kubectl'.
The recently discovered xterm.js vulnerability shows how bugs are hard to kill as technology evolves.
Proud new Kubernetes cluster owners are often lulled into a false sense of operational confidence by its consensus database’s glorious simplicity. In this Q&A, we dig into the challenges of in-place upgrades of etcd beneath autonomous Kubernetes clusters running within air-gapped environments.
This post discusses the different approaches that can be taken to gracefully restart an application and provides a working sample that can be used to dig into the details. This post should be interesting to developers and SREs who build and maintain services written in Go.
This post is the first of an ongoing series about interesting issues and bugs that the Teleport team has worked on. This post, about missing SIGINTs and SSH, should be interesting for developers who leverage signal handling in terminal-based applications written in Go.
Why using cryptographic hashes doesn't make data anonymous.
It might be mundane and boring but keeping track of your FOSS license usage can save you from a big headache at the least opportune time.
We are playing with Elastic Beats, doing structured logging with Golang and Elastic Search
We discuss effective ways to handle errors in Go programming language.