Almost every developer ends up using a VPN for work sooner or later. Apart from figuring out how to authenticate, it’s seemingly a simple matter. VPNs—usually associated with privacy—can unfortunately be a source of serious privacy leaks just as easily. Let’s talk about what we may want to check after connecting to a corporate VPN.
Sometimes I need to access my files on my servers using SSH/SCP from an untrusted device and/or application. Usually I would create a new SSH key pair so that I can easily revoke these credentials later if such need arises. But what if the used application doesn’t support SSH keys or we do not want to use them for some reason? There is a trick supposedly used by sysadmins in the olden days, before sudo was around.