Episodes

  • Linux Server SSH Hardening with Security Keys

    Linux Server SSH Hardening with Security Keys
    Jun 15 2026
    In this episode, Lucas and Luna dive into the practical steps for hardening SSH on Linux servers using FIDO2/U2F security keys. They explain why password and even key-based authentication often fall short, then walk through the setup: generating a key backed by a hardware token, configuring sshd to accept only ed25519-sk keys, and disabling password login. The conversation covers real-world friction points like handling multiple servers, backup authentication methods, and the surprising lesson one sysadmin learned after locking themselves out. By the end, listeners have a concrete, implementable security upgrade for their own infrastructure. #Linux #SSH #SecurityKeys #FIDO2 #U2F #Sysadmin #ServerHardening #Ed25519 #Cybersecurity #Authentication #OpenSSH #Technology #FexingoBusiness #BusinessPodcast #ServerAdmin #InfrastructureSecurity #SSHConfig #HardwareToken Keep every episode free: buymeacoffee.com/fexingo
    Show More Show Less
    10 mins
  • How to Use Linux BPF for Real-Time Performance Tracing

    How to Use Linux BPF for Real-Time Performance Tracing
    Jun 14 2026
    Episode 51 of Linux Server Admin with Fexingo dives into BPF (Berkeley Packet Filter) as a practical tool for real-time performance tracing on Linux servers. Hosts Lucas and Luna walk through a concrete scenario: diagnosing a mysterious latency spike in a web application without restarting or installing new packages. Lucas explains how bpftrace lets you attach one-liners to kernel probes to measure disk I/O, syscall latency, and scheduling delays, using real examples like tracing ext4 file operations and identifying a slow NFS server. The episode covers the difference between classic BPF and eBPF, common one-liners for sysadmins, and safety mechanisms that prevent crashes. Listeners learn how BPF can replace older tools like strace for production use by being safer and more efficient. The hosts also touch on how to check if your kernel supports BPF and where to find pre-built tools like BCC. Perfect for server admins who want deeper observability without overhead. #Linux #BPF #eBPF #PerformanceTracing #Sysadmin #Bpftrace #Kernel #Observability #ServerManagement #LinuxPerformance #BCC #Troubleshooting #Technology #FexingoBusiness #BusinessPodcast #ServerEngineering #DevOps #RealTimeMonitoring Keep every episode free: buymeacoffee.com/fexingo
    Show More Show Less
    13 mins
  • How to Use Linux Namespaces for Process Isolation

    How to Use Linux Namespaces for Process Isolation
    Jun 14 2026
    In episode 50 of Linux Server Admin with Fexingo, Lucas and Luna dive into Linux namespaces for process isolation, focusing on the PID and network namespaces. They walk through real commands — unshare, nsenter, ip netns — to show how to create isolated environments without Docker. Lucas shares a story about using namespaces to run a legacy application in isolation on a production server, avoiding the overhead of full containerization. They also cover how to inspect existing namespaces and common pitfalls like namespace leaks. Perfect for sysadmins who want lightweight isolation without pulling in container runtimes. Tune in for practical, copy-paste-ready commands. #Linux #Namespaces #ProcessIsolation #Sysadmin #Bash #ServerEngineering #ContainerSecurity #Unshare #Nsenter #PIDNamespace #NetNS #Tech #Podcast #FexingoBusiness #BusinessPodcast #DevOps #Infrastructure #SystemAdministration Keep every episode free: buymeacoffee.com/fexingo
    Show More Show Less
    13 mins
  • How to Secure Linux SSH with Fail2ban and Key-Only Auth

    How to Secure Linux SSH with Fail2ban and Key-Only Auth
    Jun 13 2026
    In this episode, Lucas and Luna dive into the most common attack vector on Linux servers: SSH brute force. They explain how Fail2ban works under the hood—using iptables to dynamically block IPs after repeated failed attempts—and then walk through the more fundamental shift to key-only authentication. Lucas breaks down the exact configuration changes in /etc/ssh/sshd_config, including disabling password authentication and root login. He also shares a concrete example: a small web server that went from thousands of daily bot login attempts to fewer than a dozen after implementing these changes. Luna asks about the risks of losing SSH keys and suggests a backup strategy using a hardware token like a YubiKey. The episode closes with Lucas reflecting on the principle of defense in depth: Fail2ban is a good band-aid, but key-only auth is the real fix. A brief, natural mention of listener support (buy me a coffee dot com slash fexingo) is woven into the conversation near the end. #Linux #Sysadmin #SSHSecurity #Fail2ban #KeyOnlyAuth #ServerHardening #CyberSecurity #Infosec #DevOps #Iptables #PublicKeyCryptography #YubiKey #BruteForceProtection #DefenseInDepth #ServerAdmin #FexingoBusiness #BusinessPodcast #Technology Keep every episode free: buymeacoffee.com/fexingo
    Show More Show Less
    9 mins
  • How to Set Up Linux Server Disk Encryption with LUKS

    How to Set Up Linux Server Disk Encryption with LUKS
    Jun 13 2026
    In this episode of Linux Server Admin with Fexingo, Lucas and Luna walk through the practical steps for encrypting a Linux server's disks using LUKS (Linux Unified Key Setup). They explain when encryption matters—for portable drives, cloud instances, and compliance—and when it may not. Lucas demonstrates the exact cryptsetup commands for creating a LUKS container, adding a key slot, opening and mounting it, and configuring auto-unlock via a keyfile on a USB stick. They also cover the performance trade-off (typically a 1-3% CPU hit on modern hardware) and how to test it with dd. Luna asks about recovery if a keyfile is lost, and Lucas explains the backup passphrase strategy. A concrete, no-fluff guide to a critical security practice. #Linux #ServerEncryption #LUKS #DiskEncryption #cryptsetup #dm-crypt #Security #Sysadmin #Bash #ServerEngineering #Keyfile #DataProtection #Compliance #Technology #LinuxServerAdmin #FexingoBusiness #BusinessPodcast #ITSecurity Keep every episode free: buymeacoffee.com/fexingo
    Show More Show Less
    7 mins
  • How to Use Linux cgroups v2 for Server Resource Control

    How to Use Linux cgroups v2 for Server Resource Control
    Jun 12 2026
    Episode 47 of Linux Server Admin with Fexingo dives into cgroups v2, the modern control group implementation that replaces the fragmented v1 system. Lucas and Luna walk through real server scenarios: limiting CPU shares for noisy neighbors on a shared web host, pinning memory for a critical database container, and configuring IO throttling for backup jobs. They explain how systemd integrates cgroups v2 by default on recent distros like Ubuntu 24.04 and RHEL 9, and show practical commands using systemctl and the cgroup filesystem. The episode includes a concrete example of isolating an Nginx worker from a runaway Python script, with step-by-step limits on cpu.max, memory.max, and io.max. Listeners learn why cgroups v2's single-hierarchy model simplifies delegation and avoids the edge cases that plagued v1. Perfect for sysadmins managing multi-tenant servers or container hosts. #Linux #Sysadmin #CgroupsV2 #ResourceControl #ServerEngineering #Systemd #ContainerSecurity #PerformanceTuning #Ubuntu2404 #RHEL9 #CPUThrottling #MemoryLimits #IOLimits #Unix #OpenSource #DevOps #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
    Show More Show Less
    13 mins
  • How to Tame Linux Server NFS Performance with Tuning

    How to Tame Linux Server NFS Performance with Tuning
    Jun 12 2026
    In this episode of Linux Server Admin, Lucas and Luna tackle the often overlooked tuning of NFS (Network File System) on Linux servers. Using a real-world case of a media rendering farm struggling with NFS latency, they walk through the key sysctl settings, mount options, and server-side daemon parameters that can dramatically improve throughput. You'll learn about the `rsize` and `wsize` mount options, the `nfsd` thread count, and how to use `nfsstat` and `iostat` to diagnose bottlenecks. No abstract theory — just practical tuning steps that can save your server from NFS-induced slowdowns. Plus, a quick note on how listener support via buy me a coffee dot com slash fexingo keeps this ad-free show running. #Linux #NFS #ServerAdmin #Sysadmin #PerformanceTuning #NetworkFileSystem #Storage #FileServer #LinuxTuning #NFSTuning #MediaRendering #Throughput #Latency #Sysctl #MountOptions #Technology #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
    Show More Show Less
    8 mins
  • How to Use Linux Stratis for Storage Management

    How to Use Linux Stratis for Storage Management
    Jun 11 2026
    Episode 45 of Linux Server Admin with Fexingo dives into Stratis, a Linux storage management tool that combines ZFS-like features with native kernel integration. Lucas and Luna explain how Stratis uses a pool-based model, thin provisioning, snapshots, and tiering without the complexity of traditional volume managers. They walk through installing Stratis on RHEL 9, creating a pool from two NVMe drives, provisioning a filesystem, taking a snapshot, and rolling back a simulated data corruption. The hosts also discuss where Stratis fits alongside LVM and ZFS, and scenarios where it excels—like container host storage or virtual machine disk backends. No abstract theory; every command is runnable. The episode includes a brief, natural mention of listener support at buy me a coffee dot com slash fexingo. #Linux #Stratis #StorageManagement #RHEL #SystemAdministration #FileSystem #Snapshots #ThinProvisioning #NVMe #Technology #ServerAdmin #Podcast #FexingoBusiness #BusinessPodcast #Sysadmin #Bash #OpenSource #RedHat Keep every episode free: buymeacoffee.com/fexingo
    Show More Show Less
    12 mins