Zero Trust

I'm sure this is not something just happened to me. How many times have you faced the problem of sharing some local service or development version of something you're building to a college? How many times have you faced the issue to share a file located in your endpoint and having to update it first to a share file service, so your peer, customer, partner, etc can download it? And how many times did you put that in public mode? did you forget to delete it? Those things happened to me time to time, and even when I became good with my policies on sharing, deleting, etc... what a pain in the rear... And now, I found zrok ! Ziggy-zrok zrok  is an open-source built on top of OpenZiti (Yes, the programmable zero-trust network overlay). As an OpenZiti Native Application, Zrok offers a unique combination of public and private resource sharing, as well as easy web sharing capabilities. As an open-source platform, Zrok can be self-hosted or used through the managed offering provided by N

 I have recently bought my new Yubikey, and for those of you who known me, I'm doing lots of work on Zero Trust lately; so after my new Yubikey arrived I decided to use it in order to gain access to my current protected assets. In this entry, we'll see the integration between CloudZiti (keep in mind you can use OpenZiti  instead and get the same results, it's just I do rather prefer not having a single open port) and a YubiKey.  As you problably know at this time, OpenZiti is an open-source implementation of the Ziti platform, actually CloudZiti has been built on top of it, providing secure and scalable network access to applications, services and identities.  I don't think you need to know what a YubiKey is, just rememver that basically it's an authentication device that supports multiple protocols, including One-Time Password ( OTP ) for enhanced security. My idea is combining both technologies and improve the security and reliability of my network infrastructure