Let’s Encrypt without port 80

To obtain a Let’s Encrypt certificate, you have to prove that you control the domain name(s) the certificate will cover. The simplest and most common way to do this involves placing a special file at a special URL on your website, which Let’s Encrypt then checks by making an HTTP request to your server on port 80. Most popular ACME clients such as Certbot can easily automate this domain validation method.

Unfortunately, this doesn’t work in the case where port 80 is closed.

Electronic voting

With the impending demise of Google+, I went through my posts there and found exactly one that I considered to be worth saving from the chopping block. Here it is; originally posted in May 2014.

TV3’s Vincent Browne is, disappointingly, the latest to jump on the bandwagon suggesting that Ireland ought to take a step backwards and repeat the disastrous attempt to introduce electronic voting.


Letter to Michael McDowell about online voting

Dear Mr. McDowell,

I received your materials outlining your priorities for Seanad Éireann and was dismayed to learn that you advocate “online voter registration and voting”.

Voting in Seanad Éireann elections is at present conducted by means of a postal ballot. Postal voting already presents a variety of serious threats to the confidentiality and integrity of the ballot. Online voting would solve none of these problems, exacerbate most of them, and introduce some new and unique problems of its own.

Alternatives to SSH agent forwarding

SSH has a handy feature called agent forwarding that allows you to log in to a remote server and use the keys loaded into your local ssh-agent as if they were on the server. Unfortunately, this useful feature has a downside: it’s not safe to use on servers you don’t trust. Here are some alternatives.