IT Dribble

Mutterings, inconsistent tips, rants and randomness

sshd without-password vs prohibit-password

Upgrading a server from Debian 8 to Debian 9 - I noticed in /etc/ssh/sshd_config that ‘PermitRootLogin’ had the argument ‘prohibit-password’. Having not seen that before I wondered what the difference was between that and ‘without-password’.
Turns out they mean and do the same thing - but ‘prohibit-password’ was introduced to be less ambiguous. So there you have it!

Check out the release notes here for proof :-)
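
As an added example (not from the original post and not OpenSSH code), this Python script reads sshd_config text and reports the effective PermitRootLogin per scope, treating ‘without-password’ as ‘prohibit-password’. The function names and the sample config are constructed for illustration; it relies on sshd using the first value obtained for a keyword and does not follow Include directives.

```python
import re

# Deprecated spelling mapped to its current name; both select the same behaviour.
ALIASES = {"without-password": "prohibit-password"}
VALID = {"yes", "no", "prohibit-password", "forced-commands-only"}

def root_login_settings(config_text):
    """Return [(scope, value, raw)] for each effective PermitRootLogin.

    Scope is "global" or the Match line. sshd keeps the first value it
    obtains for a keyword, so later duplicates in a scope are ignored.
    """
    scope, seen, found = "global", set(), []
    for line in config_text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        # Keyword and argument are separated by whitespace or a single '='.
        parts = re.split(r"\s*=\s*|\s+", line, maxsplit=1)
        keyword = parts[0].lower()  # keywords are case-insensitive
        arg = parts[1].strip().strip('"') if len(parts) > 1 else ""
        if keyword == "match":
            scope = "Match " + arg
        elif keyword == "permitrootlogin" and scope not in seen:
            seen.add(scope)
            found.append((scope, ALIASES.get(arg, arg), arg))
    return found

def audit(config_text):
    """Return human-readable findings for the settings found."""
    findings = []
    for scope, value, raw in root_login_settings(config_text):
        if raw in ALIASES:
            findings.append(f"{scope}: '{raw}' is the deprecated spelling of '{value}'")
        if value == "yes":
            findings.append(f"{scope}: root may log in with a password")
        elif value not in VALID:
            findings.append(f"{scope}: unrecognised value '{raw}'")
    return findings

# Constructed sample config (assumption, not taken from the post).
SAMPLE = """\
Port 22
permitrootlogin without-password
PermitRootLogin yes
Match Address 192.0.2.0/24
    PermitRootLogin yes
"""

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE)))
```

The second global ‘PermitRootLogin yes’ in the sample is ignored because the first value already won, while the one inside the Match block is reported for that scope.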

Password generator for memorable passwords

Like any good paranoid netizen I use a password manager to create unique passwords for each website. The problem that I have with unique passwords is that if you need to remember them for any period of time (even 20 seconds) while you type the password somewhere (because copy and paste is not supported for some reason), then it’s nearly impossible to do so!

I have also cracked my fair share of passwords in this day and age and know the password patterns / rules used to create an extended wordlist based on how people create passwords, e.g. YourPetName2017. So what do we need? We need dictionary words, completely random, at least four of them and with a space separator plus numbers and symbols. So by utilising this methodology we get the website: https://xkpasswd.net/s/

So I ask you which is easier to remember for 20 seconds:
?02-dollar-space-french-25? OR shegh3xohzu4ahjaekiik%eiqu#u

Oh and bookmark that website! :-)

Check if DNS Server can zone transfer

If you work in the ISP space you might need to check if a downstream or upstream server is set up to allow Zone Transfers (AXFR).

Test via:

dig -b your-dns-server-ip-with-permission-address @their-dns-server-ip-address exampleDomain.com AXFR
e.g. dig -b 8.8.8.8 @208.67.222.222 exampleDomain.com AXFR

And it should return some records about the zone!