About me: My name is Solène Rapenne, pronouns she/her. I like learning and sharing knowledge. Hobbies: '(BSD OpenBSD Qubes OS Lisp cmdline gaming security QubesOS internet-stuff). I love percent and lambda characters. OpenBSD developer solene@. No AI is involved in this blog.

Contact me: solene at dataswamp dot org or @solene@bsd.network (mastodon).

I'm a freelance OpenBSD, FreeBSD, Linux and Qubes OS consultant, this includes DevOps, DevSecOps, technical writing or documentation work.

If you enjoy this blog, you can sponsor my open source work financially so I can write this blog and contribute to Free Software as my daily job.


2024-06-08 OpenBSD extreme privacy setup

2024-05-24 Improve your SSH agent security

2024-04-27 OpenBSD scripts to convert wg-quick VPN files

2024-04-20 A Stateless Workstation

2024-03-30 Lessons learned with XZ vulnerability


2023-12-31 OpenBSD workstation hardening

2023-12-24 Qubes OS backup transfer from old to new computer

2023-11-03 Run your own Syncthing relay server on OpenBSD

2023-10-18 Run your own Syncthing discovery server on OpenBSD

2023-10-04 Port of the Week: Presenting Syncthing

2023-09-24 Firefox hardening with Arkenfox

2023-09-08 How to add pledge to a program in OpenBSD

2023-08-05 Authenticate the SSH servers you are connecting to

2023-06-22 Ban scanners IPs from OpenSMTP logs

2023-06-17 Why one would use Qubes OS?

2023-06-17 Using git bundle to synchronize a repository between Qubes OS dom0 and an AppVM

2023-06-16 OpenKuBSD progress report

2023-06-06 OpenKuBSD design document


2022-12-01 Authentication gateway with SSH on OpenBSD

2022-11-20 Automatic prompt to unlock remote encrypted partitions

2022-11-17 Hard user separation with two NixOS as one

2022-10-06 A NixOS kiosk

2022-10-02 Extending fail2ban on NixOS

2022-09-29 Automatically ban ports scanner IPs on NixOS

2022-09-25 How to trigger services restart after OpenBSD update

2022-08-03 Creating a NixOS live USB for a full featured APU router

2022-07-23 How to use sshfs on OpenBSD

2022-07-19 How to use Docker from a Linux host system to escalate to root

2022-04-23 Routing a specific user on a specific network interface on Linux

2022-01-13 Harden your NixOS workstation


2021-12-20 Restrict users to a network interface on Linux

2021-12-16 OpenVPN on OpenBSD in its own rdomain to prevent data leak

2021-07-30 Automatically lock screen on OpenBSD using xidle and xlock

2021-07-25 OpenBSD full Tor setup

2021-06-12 How to use Tor only for onion addresses in a web browser

2021-05-09 Introduction to security good practices

2021-03-21 Securely share a secret using Shamir's secret sharing

2021-02-14 What security does a default OpenBSD installation offer?

2021-02-14 Firejail on Linux to sandbox all the things

2021-02-06 Filtering TCP connections by operating system on OpenBSD

2021-02-06 Enable multi-factor authentication on OpenBSD

2021-01-14 Vger security analysis


2019-09-06 GPG2 cheatsheet


2018-11-08 Safely restrict commands through SSH

2018-10-11 Tor part 2: hidden service

2018-10-10 Tor part 1: how-to use Tor


2017-03-17 How to check your data integrity?

2017-01-20 Let's encrypt on OpenBSD in 5 minutes


2016-10-19 Port of the week: dnscrypt-proxy

2016-08-12 Port of the week: pwgen

2016-07-04 Stop being tracked by Google search with Firefox