SSH Security For Teams

Posted by Miguel Grinberg under Cloud.

There are plenty of tutorials that cover the basic measures you need to take to secure a Linux server, including my own. What usually falls outside the scope of these tutorials is what other steps are recommended for a server that is going to be accessed by multiple people, such as a group of developers all working together as a team. Group access to a server introduces some challenges, as you will need to implement procedures to grant and revoke access as team members come and go, and do so without any compromises on security.


Coding on a Chromebook Revisited

Posted by Miguel Grinberg under Programming.

It's been over a year since I wrote my guide on setting up a cheap Chromebook for web development. In that article, I presented three different ways to install a Linux distribution instead of, or sometimes alongside, ChromeOS, the native Chromebook operating system. These three methods were all a bit hacky. One required running a heavily sandboxed Android app, while for the other two you had to put the machine in developer mode, which bypasses some of the security measures that make the Chromebook one of the most secure laptops you can find.

Since I wrote that article in September 2017 there's been a new development. Now there is a fourth method of running a native Linux distribution, available to most Chromebook models from the last few years. What makes this new method interesting is that it is an officially supported feature of ChromeOS, so there is no need to activate developer mode, and no need to make concessions on the highly regarded Chromebook security model. This method is based on container technology, and is known by the project name Crostini.



Setting Up a Flask Application in PyCharm

In this short article and video I want to give you a few tips on setting up a PyCharm project for your Flask application. The idea is to set up a Flask application so that it can be executed, debugged, and tested from inside PyCharm Community Edition, which is a fantastic IDE for Python that is completely free to download and use. If you want to see me go through the exercise, watch the video below. Then you can come to the article if you want a quick reference and summary of the steps required.



JSON Web Tokens with Public Key Signatures

JSON Web Tokens offer a simple and powerful way to generate tokens for APIs. These tokens carry a payload that is cryptographically signed. While the payload itself is not encrypted, the signature protects it against tampering. In their most common format, a "secret key" is used in the generation and verification of the signature. In this article I'm going to show you a lesser-known mechanism to generate JWTs that have signatures that can be verified without having access to the secret key.



Flask Webcast #3: Circular Dependencies

In this live webcast I explain how to prevent circular dependency errors in Python. Most of this presentation is a live coding session in which I refactor a single-file Flask application into a fully fleshed out structure with multiple packages and modules, demonstrating how I completely avoid circular dependencies.


The Flask Mega-Tutorial Part XXIII: Application Programming Interfaces (APIs)

This is the twenty-third and last installment of the Flask Mega-Tutorial series, in which I'm going to tell you how to extend microblog with an application programming interface (or API) that clients can use to work with the application in a more direct way than the traditional web browser workflow.



The Flask Mega-Tutorial Part XXII: Background Jobs

This is the twenty-second installment of the Flask Mega-Tutorial series, in which I'm going to tell you how to create background jobs that run independently of the web server.



The Flask Mega-Tutorial Part XXI: User Notifications

This is the twenty-first installment of the Flask Mega-Tutorial series, in which I'm going to add a private message feature, along with user notifications that appear in the navigation bar without the need to refresh the page.



Flask Webcast #2: Request and Application Contexts

In this live webcast I explain the purpose of the request and application contexts in Flask, and why sometimes you get these weird errors about them.



The Flask Mega-Tutorial Part XX: Some JavaScript Magic

This is the twentieth installment of the Flask Mega-Tutorial series, in which I'm going to add a nice popup when you hover your mouse over a user's nickname.