PODCAST · business
Linux Server Admin with Fexingo: Sysadmin, Bash, and Server Engineering
by Fexingo
Lucas and Luna sit down at a pair of thin laptops, terminal windows flickering with abstract patterns, to talk Linux server administration as it's actually practiced—bash scripting, systemd quirks, Nginx tuning, SSH hardening, and the daily grind of keeping production services online. Each episode picks a single sysadmin problem: how to diagnose a slow database query without panic, why that cron job keeps failing at 3 AM, or the right way to automate backups with rsync and rclone. Lucas brings the journalistic rigor—he'll cite real-world incidents like the 2021 AWS Kinesis outage that broke monitoring for half the internet, or the time a misplaced chmod command took down a major e-commerce site for an hour. Luna pushes back with hands-on experience: she's the one who asks whether you really need Docker for a three-service stack, or why your fail2ban config is banning your own IP. Together they cut through vendor hype—no Kubernetes if you have five servers, no Ansible if a shell loop wi
-
47
How to Diagnose Linux Server Boot Failures with Initramfs
Have you ever rebooted a Linux server only to have it drop you into a busybox shell instead of booting normally? In this episode of Linux Server Admin, Lucas and Luna walk through the exact steps to diagnose and recover from initramfs failures. They cover how to identify the root cause by examining kernel panic messages, using the emergency shell to check filesystem integrity with fsck, and extracting the initramfs image to verify missing drivers or broken scripts. They also share a real-world case where a missing storage controller driver caused a boot loop and how a single dracut rebuild fixed it. Whether you're managing bare metal or cloud instances, knowing how to handle a broken initramfs can save hours of downtime. Tune in for practical commands and a mental checklist you can use the next time a server refuses to boot. #LinuxServerAdmin #Sysadmin #Bash #ServerEngineering #Technology #Initramfs #BootFailure #LinuxBoot #KernelPanic #Fsck #Dracut #Mkinitcpio #Busybox #EmergencyShell #Recovery #FexingoBusiness #TechPodcast #ServerTroubleshooting Keep every episode free: buymeacoffee.com/fexingo
-
46
How to Tune Linux Server TCP for High Latency Links
When your server talks to clients halfway around the world, default TCP settings can choke performance. In this episode, Lucas and Luna explain how to tune Linux server TCP parameters for high-latency links. They walk through a real-world case: a video transcoding service in Singapore serving users in South America, where default TCP windowing caused throughput to stall at 12 Mbps. Learn how adjusting net.core.rmem_max, net.core.wmem_max, net.ipv4.tcp_rmem, and net.ipv4.tcp_wmem, plus enabling BBR congestion control, boosted throughput to 85 Mbps. Lucas breaks down the math: bandwidth-delay product, Socket buffer sizing, and why 'one size fits all' doesn't work for global traffic. Luna shares a tip on persistent configuration with sysctl and when to use tc qdisc for shaping. Practical sysadmin advice you can apply today. #LinuxServerAdmin #TCPTuning #HighLatency #BBR #Sysadmin #NetworkPerformance #BandwidthDelayProduct #SocketBuffers #Sysctl #LinuxNetworking #ServerOptimization #VideoTranscoding #TechTips #OpenSource #FexingoBusiness #TechnologyPodcast #LinuxAdmin #NetworkTuning Keep every episode free: buymeacoffee.com/fexingo
-
45
How to Use Linux Network Namespaces for Multi-Tenant Isolation
In this episode, Lucas and Luna dive deep into Linux network namespaces as a practical tool for multi-tenant server isolation. They walk through a real-world scenario: setting up two isolated network stacks on a single host using 'ip netns', configuring virtual Ethernet pairs, and assigning IP addresses so each namespace can talk to the outside world independently. Lucas explains the difference between network namespaces and VLANs, and why namespaces are lighter weight for container-like workloads. Luna asks about troubleshooting common pitfalls like missing routes or firewall rules that leak between namespaces. The hosts also touch on how cloud providers use network namespaces under the hood for virtual networks. If you manage servers where multiple clients or services need separate network environments without full virtualization, this episode gives you the concrete steps to implement it today. #Linux #NetworkNamespaces #ServerAdmin #Sysadmin #Bash #ContainerNetworking #MultiTenant #ipNetns #VirtualEthernet #NetworkIsolation #Technology #FexingoBusiness #BusinessPodcast #Fexingo #LinuxNetworking #ServerEngineering #SysadminTips #Networking Keep every episode free: buymeacoffee.com/fexingo
-
44
How to Use Linux Container Runtimes for Server Deployment
In this episode of Linux Server Admin with Fexingo, Lucas and Luna dive into the practical side of container runtimes—specifically, how to choose between Docker, containerd, and Podman for production server workloads. They break down the architecture of each runtime, explain how the Open Container Initiative (OCI) standards ensure interoperability, and walk through a real-world scenario: deploying a Python web app on a bare-metal server using containerd directly (without Docker). Lucas shares a surprising benchmark: containerd can reduce memory overhead by 30-40% compared to a full Docker daemon on lightweight servers. Luna asks about security differences, especially around daemonless architectures and rootless containers. By the end, you'll know when to reach for which runtime and how to test them yourself. Perfect for sysadmins tired of Docker defaults or curious about lower-level container orchestration. Produced by Fexingo Business Podcast Network. #ContainerRuntimes #Docker #Containerd #Podman #OCI #LinuxServerAdmin #Sysadmin #DevOps #Containers #ServerDeployment #PythonApp #RootlessContainers #Daemonless #OpenContainerInitiative #Technology #Fexingo #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
43
How to Use Linux LVM Snapshot Backups for Rapid Recovery
In this episode of Linux Server Admin with Fexingo, Lucas and Luna dive into a powerful but often overlooked feature of Logical Volume Manager (LVM): snapshot-based backups for fast recovery. They walk through a real-world scenario where a failed software update on a production database server requires rolling back in under 10 minutes. Lucas explains how LVM snapshots work at the block level, the key difference between thin and thick snapshots, and the gotchas around space allocation and performance. Listeners will learn the exact commands to create, mount, and merge a snapshot, plus a production-ready backup script pattern. Perfect for sysadmins who want to recover quickly without restoring from full disk images. Episode 56 of Linux Server Admin with Fexingo – ad-free and listener-supported. #Linux #Sysadmin #LVM #Snapshots #Backup #Recovery #ServerEngineering #Bash #BlockLevel #ThinSnapshots #DatabaseBackup #Production #Rollback #Technology #LinuxServerAdmin #Fexingo #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
42
How to Diagnose Linux Server DNS Resolution Issues
Episode 55 of Linux Server Admin tackles a common but infuriating problem: DNS resolution failures that can cripple server connectivity. Lucas and Luna walk through a real-world scenario where an application suddenly can't reach external APIs. They cover the diagnostic toolkit — digging into /etc/resolv.conf, testing with dig and nslookup, checking systemd-resolved stubs, and tracing timeouts with tcpdump. Specific commands like 'dig +trace example.com' and 'resolvectl query' are demonstrated. They also discuss how stub resolvers can mask upstream failures and when to use fallback nameservers. By the end, you'll have a repeatable process for isolating whether the problem is a misconfigured resolver, a blocked port, or a slow upstream server. No fluff — just practical server troubleshooting for sysadmins. #LinuxServerAdmin #DNSResolution #Sysadmin #Troubleshooting #Linux #Dig #Nslookup #SystemdResolved #Tcpdump #Resolvectl #Technology #ServerAdministration #NetworkDiagnostics #DnsDebugging #FexingoBusiness #BusinessPodcast #ServerEngineering #Bash Keep every episode free: buymeacoffee.com/fexingo
-
41
How to Manage Linux Server Storage Pools with LVM
Episode 54 of Linux Server Admin with Fexingo dives into Logical Volume Manager (LVM) for flexible server storage. Lucas and Luna walk through a real-world scenario: a web server running out of disk space on its root partition. They explain how LVM's physical volumes, volume groups, and logical volumes let you resize, snapshot, and migrate storage without downtime. Specific commands include pvcreate, vgcreate, vgextend, lvextend, resize2fs, and lvcreate with the --snapshot flag. The hosts also cover when LVM adds complexity versus when it's a lifesaver, and warn against thin provisioning traps. Perfect for sysadmins managing on-prem or cloud Linux servers. #Linux #LVM #StorageManagement #Sysadmin #ServerEngineering #Bash #LinuxServerAdmin #VolumeManagement #DiskManagement #LogicalVolumeManager #Technology #FexingoBusiness #BusinessPodcast #Podcast #LinuxAdmin #ServerStorage #StoragePools #ResizePartition Keep every episode free: buymeacoffee.com/fexingo
-
40
How to Use Linux Namespaces for User Isolation
In this episode of Linux Server Admin, Lucas and Luna dive into Linux namespaces for user isolation — a key technique for securing multi-tenant servers and containers. They explain how user namespaces map unprivileged UIDs to root inside a container, preventing container breakouts. Lucas walks through a practical example: creating a user namespace with unshare, mapping UIDs, and running a shell as 'root' inside the namespace without real privileges. They discuss real-world use cases like running legacy applications or multi-user development environments without risking the host. The episode also touches on common pitfalls, such as improper UID mapping that can allow privilege escalation. Packed with actionable commands and insights, this is essential for any sysadmin hardening Linux servers. #Linux #Sysadmin #Namespaces #UserIsolation #ContainerSecurity #Unshare #UIDMapping #ServerHardening #MultiTenant #PrivilegeEscalation #Technology #LinuxServerAdmin #FexingoBusiness #BusinessPodcast #Podcast #DevOps #Security #Bash Keep every episode free: buymeacoffee.com/fexingo
-
39
Linux Server SSH Hardening with Security Keys
In this episode, Lucas and Luna dive into the practical steps for hardening SSH on Linux servers using FIDO2/U2F security keys. They explain why password and even key-based authentication often fall short, then walk through the setup: generating a key backed by a hardware token, configuring sshd to accept only ed25519-sk keys, and disabling password login. The conversation covers real-world friction points like handling multiple servers, backup authentication methods, and the surprising lesson one sysadmin learned after locking themselves out. By the end, listeners have a concrete, implementable security upgrade for their own infrastructure. #Linux #SSH #SecurityKeys #FIDO2 #U2F #Sysadmin #ServerHardening #Ed25519 #Cybersecurity #Authentication #OpenSSH #Technology #FexingoBusiness #BusinessPodcast #ServerAdmin #InfrastructureSecurity #SSHConfig #HardwareToken Keep every episode free: buymeacoffee.com/fexingo
-
38
How to Use Linux BPF for Real-Time Performance Tracing
Episode 51 of Linux Server Admin with Fexingo dives into BPF (Berkeley Packet Filter) as a practical tool for real-time performance tracing on Linux servers. Hosts Lucas and Luna walk through a concrete scenario: diagnosing a mysterious latency spike in a web application without restarting or installing new packages. Lucas explains how bpftrace lets you attach one-liners to kernel probes to measure disk I/O, syscall latency, and scheduling delays, using real examples like tracing ext4 file operations and identifying a slow NFS server. The episode covers the difference between classic BPF and eBPF, common one-liners for sysadmins, and safety mechanisms that prevent crashes. Listeners learn how BPF can replace older tools like strace for production use by being safer and more efficient. The hosts also touch on how to check if your kernel supports BPF and where to find pre-built tools like BCC. Perfect for server admins who want deeper observability without overhead. #Linux #BPF #eBPF #PerformanceTracing #Sysadmin #Bpftrace #Kernel #Observability #ServerManagement #LinuxPerformance #BCC #Troubleshooting #Technology #FexingoBusiness #BusinessPodcast #ServerEngineering #DevOps #RealTimeMonitoring Keep every episode free: buymeacoffee.com/fexingo
-
37
How to Use Linux Namespaces for Process Isolation
In episode 50 of Linux Server Admin with Fexingo, Lucas and Luna dive into Linux namespaces for process isolation, focusing on the PID and network namespaces. They walk through real commands — unshare, nsenter, ip netns — to show how to create isolated environments without Docker. Lucas shares a story about using namespaces to run a legacy application in isolation on a production server, avoiding the overhead of full containerization. They also cover how to inspect existing namespaces and common pitfalls like namespace leaks. Perfect for sysadmins who want lightweight isolation without pulling in container runtimes. Tune in for practical, copy-paste-ready commands. #Linux #Namespaces #ProcessIsolation #Sysadmin #Bash #ServerEngineering #ContainerSecurity #Unshare #Nsenter #PIDNamespace #NetNS #Tech #Podcast #FexingoBusiness #BusinessPodcast #DevOps #Infrastructure #SystemAdministration Keep every episode free: buymeacoffee.com/fexingo
-
36
How to Secure Linux SSH with Fail2ban and Key-Only Auth
In this episode, Lucas and Luna dive into the most common attack vector on Linux servers: SSH brute force. They explain how Fail2ban works under the hood—using iptables to dynamically block IPs after repeated failed attempts—and then walk through the more fundamental shift to key-only authentication. Lucas breaks down the exact configuration changes in /etc/ssh/sshd_config, including disabling password authentication and root login. He also shares a concrete example: a small web server that went from thousands of daily bot login attempts to fewer than a dozen after implementing these changes. Luna asks about the risks of losing SSH keys and suggests a backup strategy using a hardware token like a YubiKey. The episode closes with Lucas reflecting on the principle of defense in depth: Fail2ban is a good band-aid, but key-only auth is the real fix. A brief, natural mention of listener support (buy me a coffee dot com slash fexingo) is woven into the conversation near the end. #Linux #Sysadmin #SSHSecurity #Fail2ban #KeyOnlyAuth #ServerHardening #CyberSecurity #Infosec #DevOps #Iptables #PublicKeyCryptography #YubiKey #BruteForceProtection #DefenseInDepth #ServerAdmin #FexingoBusiness #BusinessPodcast #Technology Keep every episode free: buymeacoffee.com/fexingo
-
35
How to Set Up Linux Server Disk Encryption with LUKS
In this episode of Linux Server Admin with Fexingo, Lucas and Luna walk through the practical steps for encrypting a Linux server's disks using LUKS (Linux Unified Key Setup). They explain when encryption matters—for portable drives, cloud instances, and compliance—and when it may not. Lucas demonstrates the exact cryptsetup commands for creating a LUKS container, adding a key slot, opening and mounting it, and configuring auto-unlock via a keyfile on a USB stick. They also cover the performance trade-off (typically a 1-3% CPU hit on modern hardware) and how to test it with dd. Luna asks about recovery if a keyfile is lost, and Lucas explains the backup passphrase strategy. A concrete, no-fluff guide to a critical security practice. #Linux #ServerEncryption #LUKS #DiskEncryption #cryptsetup #dm-crypt #Security #Sysadmin #Bash #ServerEngineering #Keyfile #DataProtection #Compliance #Technology #LinuxServerAdmin #FexingoBusiness #BusinessPodcast #ITSecurity Keep every episode free: buymeacoffee.com/fexingo
-
34
How to Use Linux cgroups v2 for Server Resource Control
Episode 47 of Linux Server Admin with Fexingo dives into cgroups v2, the modern control group implementation that replaces the fragmented v1 system. Lucas and Luna walk through real server scenarios: limiting CPU shares for noisy neighbors on a shared web host, pinning memory for a critical database container, and configuring IO throttling for backup jobs. They explain how systemd integrates cgroups v2 by default on recent distros like Ubuntu 24.04 and RHEL 9, and show practical commands using systemctl and the cgroup filesystem. The episode includes a concrete example of isolating an Nginx worker from a runaway Python script, with step-by-step limits on cpu.max, memory.max, and io.max. Listeners learn why cgroups v2's single-hierarchy model simplifies delegation and avoids the edge cases that plagued v1. Perfect for sysadmins managing multi-tenant servers or container hosts. #Linux #Sysadmin #CgroupsV2 #ResourceControl #ServerEngineering #Systemd #ContainerSecurity #PerformanceTuning #Ubuntu2404 #RHEL9 #CPUThrottling #MemoryLimits #IOLimits #Unix #OpenSource #DevOps #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
33
How to Tame Linux Server NFS Performance with Tuning
In this episode of Linux Server Admin, Lucas and Luna tackle the often overlooked tuning of NFS (Network File System) on Linux servers. Using a real-world case of a media rendering farm struggling with NFS latency, they walk through the key sysctl settings, mount options, and server-side daemon parameters that can dramatically improve throughput. You'll learn about the `rsize` and `wsize` mount options, the `nfsd` thread count, and how to use `nfsstat` and `iostat` to diagnose bottlenecks. No abstract theory — just practical tuning steps that can save your server from NFS-induced slowdowns. Plus, a quick note on how listener support via buy me a coffee dot com slash fexingo keeps this ad-free show running. #Linux #NFS #ServerAdmin #Sysadmin #PerformanceTuning #NetworkFileSystem #Storage #FileServer #LinuxTuning #NFSTuning #MediaRendering #Throughput #Latency #Sysctl #MountOptions #Technology #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
32
How to Use Linux Stratis for Storage Management
Episode 45 of Linux Server Admin with Fexingo dives into Stratis, a Linux storage management tool that combines ZFS-like features with native kernel integration. Lucas and Luna explain how Stratis uses a pool-based model, thin provisioning, snapshots, and tiering without the complexity of traditional volume managers. They walk through installing Stratis on RHEL 9, creating a pool from two NVMe drives, provisioning a filesystem, taking a snapshot, and rolling back a simulated data corruption. The hosts also discuss where Stratis fits alongside LVM and ZFS, and scenarios where it excels—like container host storage or virtual machine disk backends. No abstract theory; every command is runnable. The episode includes a brief, natural mention of listener support at buy me a coffee dot com slash fexingo. #Linux #Stratis #StorageManagement #RHEL #SystemAdministration #FileSystem #Snapshots #ThinProvisioning #NVMe #Technology #ServerAdmin #Podcast #FexingoBusiness #BusinessPodcast #Sysadmin #Bash #OpenSource #RedHat Keep every episode free: buymeacoffee.com/fexingo
-
31
How to Use Linux iptables for Advanced Network Firewall Rules
In this episode of Linux Server Admin with Fexingo, Lucas and Luna dive into the practical art of iptables on Linux. They start with a real-world scenario: a misconfigured firewall that locked out a developer's SSH session. From there, they explore three specific iptables use cases that go beyond basic port blocking—rate-limiting inbound connections to prevent brute-force attacks, using connection tracking to allow established traffic while blocking new malicious packets, and setting up a simple but effective DMZ with NAT rules for a web server. Lucas explains the difference between iptables chains (INPUT, OUTPUT, FORWARD) and how to inspect counters with 'iptables -L -v'. Luna challenges him on performance overhead and when to switch to nftables. They also cover how to save and restore rules persistently using iptables-save and iptables-restore. By the end, listeners will have a concrete, copyable iptables rule set they can adapt for their own servers. No fluff—just the commands, the logic, and the gotchas. #iptables #LinuxFirewall #NetworkSecurity #Sysadmin #ServerEngineering #Bash #Linux #Technology #FexingoBusiness #BusinessPodcast #ITSecurity #DevOps #NFtables #CyberSecurity #FirewallRules #ServerHardening #LinuxAdmin #NetworkAdmin Keep every episode free: buymeacoffee.com/fexingo
-
30
How to Tame Linux Server Logs with Logrotate
In this episode, Lucas and Luna dive into logrotate, the unsung hero of Linux server administration. They explore how a single misconfigured logrotate rule can silently fill a disk partition, causing outages. Using a concrete example of a web server that crashed because Apache logs grew unchecked, they explain logrotate's core directives: daily rotation, compression, delay compress, maxage, and postrotate scripts. They also cover practical pitfalls like missing sharedscripts syntax and permissions issues with log files owned by root versus service users. By the end, listeners will know exactly how to audit their existing logrotate configs and prevent disk-full disasters without manual log cleaning. #Linux #Sysadmin #ServerAdministration #Logrotate #LogManagement #Apachelogs #NginxlLogs #DiskSpace #DevOps #Bash #ServerMaintenance #LinuxTips #Technology #FexingoBusiness #BusinessPodcast #ServerEngineering #Infrastructure #OpenSource Keep every episode free: buymeacoffee.com/fexingo
-
29
How to Diagnose and Fix Linux Server Packet Loss
Episode 42 of Linux Server Admin with Fexingo dives into diagnosing and fixing packet loss on Linux servers. Lucas and Luna explore practical tools like ping, mtr, tcpdump, and ethtool to pinpoint whether the issue is in the network interface, cable, switch, or kernel buffers. They walk through a real-world scenario where a jammed network cable on a Ubuntu server caused 2.3% packet loss, and show how to isolate and resolve it step by step. They also cover checking for dropped packets with netstat -s and interface statistics, and discuss when to involve your network team versus fixing it yourself. By the end, you'll know how to systematically troubleshoot packet loss without guessing. #LinuxServerAdmin #PacketLoss #NetworkTroubleshooting #Sysadmin #Bash #ServerEngineering #Technology #Podcast #FexingoBusiness #BusinessPodcast #Ubuntu #TCPDump #Ethtool #MTR #Netstat #NetworkInterface #KernelBuffers #Diagnostics Keep every episode free: buymeacoffee.com/fexingo
-
28
How to Diagnose Linux Server Memory Leaks
Memory leaks on Linux servers can silently degrade performance until a process is killed or the system crashes. In this episode, Lucas and Luna walk through a real-world scenario: a Node.js web server that slowly consumes memory over days. They explain how to use tools like 'top', 'ps', '/proc/meminfo', 'smem', and 'valgrind' to identify the offending process, measure memory growth, and trace the leak to its source. They also cover practical prevention strategies, including memory limits with systemd and cgroups, and monitoring with a simple cron script. No theory without practice — listeners get a concrete shell one-liner to log resident set size over time and a checklist for integrating leak detection into CI. Perfect for sysadmins who manage production servers and want to catch leaks before users notice. #Linux #ServerMemoryLeak #Sysadmin #MemoryDiagnosis #NodeJsMemoryLeak #TopCommand #Valgrind #SystemdMemoryLimit #Cgroups #ResidentSetSize #Smem #ProductionDebugging #PerformanceMonitoring #BashScripting #Fexingo #FexingoTech #TechnologyPodcast #LinuxServerAdmin Keep every episode free: buymeacoffee.com/fexingo
-
27
How to Use Linux Systemd Timers for Scheduled Tasks
In this episode of Linux Server Admin, Lucas and Luna dive into systemd timers as a modern replacement for cron. They walk through the anatomy of a timer unit file, compare it to traditional cron syntax, and show you how to create your first timer for a daily log rotation script. Lucas explains why systemd timers offer better logging, dependency handling, and debugging capabilities. They also discuss common pitfalls like timezone handling and calendar event syntax. By the end, you'll know how to replace cron jobs with systemd timers for more reliable and maintainable scheduling on your Linux servers. #Linux #SystemdTimers #CronReplacement #ServerAdministration #Automation #Bash #Sysadmin #Technology #LinuxServer #Systemd #TimerUnits #Scheduling #LogRotation #DevOps #FexingoBusiness #FexingoPodcast #LinuxAdmin #ServerManagement Keep every episode free: buymeacoffee.com/fexingo
-
26
How to Use Linux Namespaces for Network Isolation
Episode 39 of Linux Server Admin dives into Linux network namespaces for isolating server processes without full container runtimes. Lucas and Luna break down a real scenario: running a legacy monitoring agent that can't be containerized but must be network-separated from production traffic. They walk through creating a namespace, assigning a virtual Ethernet pair, and routing traffic through a dedicated bridge. Specific commands include 'ip netns add', 'ip link add veth', and iptables rules for NAT. The episode also covers debugging with 'nsenter' and 'ip netns exec', plus pitfalls like systemd integration and DNS resolution inside namespaces. By the end, listeners can isolate any process's network stack with five commands. The conversation includes a brief donation segment highlighting Fexingo's ad-free model at buy me a coffee dot com slash fexingo. #Linux #Sysadmin #ServerEngineering #NetworkNamespaces #NetworkIsolation #Bash #TechPodcast #DevOps #Containerization #iptables #VethPair #ipCommand #nsenter #Systemd #ServerSecurity #Technology #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
25
How to Use Linux Auditd for Server Security Monitoring
Lucas and Luna dive into Linux auditd, the powerful auditing subsystem that tracks security-relevant events on your servers. They walk through a real-world scenario: detecting unauthorized file access attempts using auditctl rules, interpreting ausearch output, and generating daily reports with aureport. The episode covers how to configure auditd without overwhelming your logs, common pitfalls like rule ordering and log rotation, and a practical example of monitoring /etc/shadow for suspicious reads. By the end, you'll know how to set up a simple but effective audit trail that helps catch intruders and meet compliance requirements. No fluff, just actionable sysadmin techniques. #Linux #Sysadmin #Auditd #Security #ServerMonitoring #Compliance #Forensics #Auditctl #Ausearch #Aureport #FileIntegrity #Logging #Technology #FexingoTech #FexingoBusiness #BusinessPodcast #ITSecurity #LinuxSecurity Keep every episode free: buymeacoffee.com/fexingo
-
24
How to Use Linux Control Groups for Resource Limits
Episode 37 of Linux Server Admin with Fexingo dives into control groups (cgroups) — the kernel feature that lets you limit CPU, memory, and I/O per process. Lucas and Luna walk through a real scenario: a runaway PHP-FPM pool consuming all server RAM on a shared hosting box. They explain how to set memory and CPU limits with cgroups v2, how to monitor usage with systemd-cgtop, and why this beats trusting nice values alone. Practical commands, real output, and a warning about the cgroup filesystem hierarchy. Perfect for sysadmins who want to stop one noisy neighbor from killing the whole server. #Linux #ControlGroups #Cgroups #ResourceLimits #Sysadmin #ServerManagement #PHPFPM #MemoryLimit #CPUQuota #Systemd #CgroupsV2 #LinuxKernel #ServerPerformance #NoisyNeighbor #Technology #FexingoBusiness #BusinessPodcast #LinuxServerAdmin Keep every episode free: buymeacoffee.com/fexingo
-
23
How to Benchmark Linux Server Disk I/O with FIO
Episode 36 of Linux Server Admin with Fexingo dives into disk I/O benchmarking with FIO. Lucas and Luna walk through a real-world scenario: a database server showing intermittent slow queries, traced to unexpected I/O latency. They explain how to install FIO, construct a basic random-read/write test, interpret the output (IOPS, latency percentiles, bandwidth), and compare against expected performance for SSDs and HDDs. The episode covers why default test parameters can mislead, how to match workloads (e.g., 4K random vs. 64K sequential), and a simple three-run methodology for reliable baselines. Specific numbers include typical NVMe IOPS (500k+ random read), SATA SSD thresholds (80k IOPS), and how to spot controller saturation. No fluff—just practical steps to benchmark before tuning or blaming hardware. #Linux #Sysadmin #ServerEngineering #DiskIO #FIO #Benchmarking #StoragePerformance #IOPS #Latency #DatabasePerformance #NVMe #SSD #ServerTuning #Technology #FexingoBusiness #BusinessPodcast #LinuxServerAdmin #PerformanceTuning Keep every episode free: buymeacoffee.com/fexingo
-
22
Why Your Linux Server Needs a Dedicated Patch Automation Schedule
Episode 35 tackles the hidden risk of inconsistent patching on Linux servers. Lucas and Luna walk through a real-world case: a mid-sized e-commerce company that suffered a 12-hour outage after applying kernel patches manually on a Friday afternoon. They break down why most sysadmins still rely on ad-hoc updates, how unattended-upgrades can backfire, and what a structured patch window looks like — including pre-patch snapshots, staged rollouts, and post-patch smoke tests. You'll learn the specific dangers of skipping patch automation: silent dependency drift, security gaps, and configuration drift across fleets. The episode also covers tools like cron-apt, yum-cron, and Ansible playbooks for patch orchestration, and why you should always test patches on a canary node first. Lucas and Luna don't just tell you to automate — they show you the cost of not doing it, from a real outage postmortem. By the end, you'll have a concrete checklist for building your own patch schedule, tailored to production workloads. #LinuxServerAdmin #Sysadmin #PatchManagement #LinuxSecurity #ServerAutomation #BashScripting #Ansible #KernelUpdates #UnattendedUpgrades #DevOps #ProductionOutage #CanaryDeployments #Snapshots #CronJObs #RiskManagement #Technology #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
21
How to Diagnose and Fix DNS Resolution Failures on Linux
Episode 34 of Linux Server Admin with Fexingo. Lucas and Luna walk through a real-world DNS failure that took down a staging environment for six hours. They explain how to use `dig`, `nslookup`, `systemd-resolved`, and `/etc/nsswitch.conf` to pinpoint the cause, and share a concrete fix using conditional forwarding in `systemd-resolved`. You'll also learn how to monitor DNS health with a simple custom script. Perfect for sysadmins who have ever stared at a blinking cursor wondering why `curl` hangs. Includes a quick note on how listener support keeps the show ad-free. #Linux #DNS #Sysadmin #SystemdResolved #NetworkTroubleshooting #Dig #Nslookup #NsswitchConf #ResolvConf #BashScripting #ServerEngineering #Technology #FexingoBusiness #BusinessPodcast #DevOps #Infrastructure #OpenSource #CommandLine Keep every episode free: buymeacoffee.com/fexingo
-
20
How to Use Linux Namespaces for Container Security
Lucas and Luna dive into Linux namespaces, the kernel feature that underpins container isolation but is often misunderstood. They explain the seven namespace types, show how a misconfigured namespace can leak host resources, and walk through a practical example using 'unshare' to create a minimal container. The hosts also discuss auditing namespace configurations with 'lsns' and 'nsenter', and why namespaces alone aren't enough without cgroups and seccomp. A must-listen for sysadmins who want to understand container security from the kernel up. #Linux #Namespaces #ContainerSecurity #Sysadmin #Kernel #Docker #unshare #nsenter #lsns #cgroups #seccomp #Isolation #ServerEngineering #Technology #FexingoBusiness #BusinessPodcast #LinuxServerAdmin #Bash Keep every episode free: buymeacoffee.com/fexingo
-
19
How to Recover a Linux Server from a Kernel Panic
When your Linux server kernel panics, the typical sysadmin response is a hard reset — but that can destroy forensic evidence and risk data corruption. In this episode, Lucas and Luna walk through a step-by-step recovery procedure using the kernel's built-in SysRq key mechanism, the kdump crash-capture service, and crash utility analysis. They explain how to configure kdump to save a vmcore file on panic, how to use SysRq commands to trigger a controlled panic or sync disks before a forced reboot, and how to interpret common crash backtraces. Using a real-world example of a memory allocation failure in an ext4 filesystem driver, they show how crash analysis pointed to incompatible kernel module parameters — a fix that took one line in the module config file. Listeners learn a systematic approach to kernel panics that turns a server-down emergency into a diagnostic opportunity. #Linux #Sysadmin #ServerEngineering #KernelPanic #SysRq #Kdump #CrashAnalysis #LinuxKernel #SystemRecovery #LinuxAdmin #FexingoBusiness #Technology #Podcast #ServerAdministration #LinuxTips #CrashDump #CentOS #Debugging Keep every episode free: buymeacoffee.com/fexingo
-
18
How to Rescue a Server With a Broken Root Filesystem
Episode 31 of Linux Server Admin with Fexingo dives into the nightmare scenario: your Linux server's root filesystem is corrupted and won't boot. Lucas and Luna walk through a real rescue using the initramfs shell, manual fsck on a read-only root, chroot into the damaged system, and rebuilding the initramfs from inside the rescue environment. They cover when to use a live USB, how to mount proc/sys/dev in a chroot, and the critical step of checking your backup strategy before you need it. No fluff—just practical sysadmin skills for when the server won't come back. #Linux #Sysadmin #ServerRescue #RootFilesystem #Initramfs #Fsck #Chroot #BootFailure #FilesystemCorruption #EmergencyRecovery #Ext4 #LiveUSB #RescueMode #BackupStrategy #Technology #ServerAdministration #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
17
How to Diagnose a Silent Disk Failure on Linux
Episode 30 of Linux Server Admin with Fexingo tackles one of the most insidious server problems: a disk that's technically online but corrupting data silently. Lucas and Luna walk through a real case from a mid-size e-commerce company where a failing SATA drive went unnoticed for weeks, causing intermittent database corruption and mysterious application crashes. They explain how to detect the early warning signs using SMART attributes (specifically Reallocated Sector Count and Current Pending Sector), why standard monitoring often misses these, and how to set up a simple proactive alert with smartd and a systemd timer. The hosts also discuss read vs. write path failures, the risk of RAID-5 with large drives, and why you should never trust a single `fsck` result. By the end, you'll know exactly what to add to your server checklist to catch a quiet disk death before it takes down production. #Linux #Sysadmin #ServerEngineering #SilentDiskFailure #SMART #DiskMonitoring #DataCorruption #smartd #systemd #RAID5 #HardDriveFailure #Storage #Bash #Technology #ServerAdmin #ITOps #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
16
Why Your Linux Server Needs a Dedicated Journald Configuration
Episode 29 of Linux Server Admin with Fexingo dives into the hidden bottleneck in systemd's journald: the default rate-limiting settings that silently drop log entries during bursts, making debugging impossible when you need logs most. Lucas and Luna walk through a real scenario where a busy web server was losing critical audit records because journald capped the rate at 10,000 messages per 30 seconds. They explain how to diagnose with journalctl --list-boots showing gaps, how to override the rate limits and max log size via drop-in configs in /etc/systemd/journald.conf.d, and why moving to persistent storage with proper rotation beats the default volatile setup. The episode also touches on when to forward logs to a remote syslog or Elastic stack rather than tuning local journald, and the trade-off between log completeness and disk wear on SSDs. Practical, specific, and immediately actionable for anyone running Linux servers in production. #Linux #Sysadmin #Journald #Systemd #ServerEngineering #Logging #RateLimiting #Bash #Technology #FexingoBusiness #BusinessPodcast #LinuxServerAdmin #Podcast #DevOps #Infrastructure #ProductionDebugging #Journalctl #DropInConfig Keep every episode free: buymeacoffee.com/fexingo
-
15
How to Harden Your Linux Server with AppArmor Profiles
In this episode of Linux Server Admin, Lucas and Luna dive into AppArmor—the mandatory access control system that's simpler than SELinux but powerful enough to confine major services like Nginx, MySQL, and Apache. They walk through a real-world case: a misbehaving PHP script that tried to write to /etc/passwd on a production web server, and how an AppArmor profile blocked it instantly. Lucas explains the difference between complain mode and enforce mode, how to generate profiles with aa-genprof, and why you should never run a profile in complain mode in production without auditing the logs. Luna challenges whether AppArmor is enough by itself, and they discuss defense-in-depth. A concrete episode for anyone running Linux servers who wants to lock down services without the overhead of SELinux. #AppArmor #LinuxSecurity #MandatoryAccessControl #ServerHardening #NginxSecurity #MySQLSecurity #aaGenprof #LinuxSysadmin #SecurityProfiles #LinuxServer #Infosec #Sysadmin #Technology #LinuxAdmin #FexingoBusiness #BusinessPodcast #TechPodcast #DevOps Keep every episode free: buymeacoffee.com/fexingo
-
14
How to Tame Linux Server Timeouts With Systemd Drop-In Units
Lucas and Luna dive into a practical server engineering headache: timeouts. Lucas explains why the default systemd service timeout of 90 seconds can cause cascading failures in production, especially for long-running database migrations or backup jobs. He walks through creating drop-in units to override timeout settings without touching vendor-provided service files, using a real case from a PostgreSQL migration that kept failing under the default TimeoutStopSec. Luna challenges when to use drop-ins vs. forking the unit file, and they discuss the trade-offs between tight timeouts for fast-fail and generous ones for graceful shutdown. A concrete episode for anyone who's ever watched systemctl hang on a restart. #Systemd #DropInUnits #LinuxServer #Sysadmin #Timeouts #PostgreSQL #ServerEngineering #Bash #Technology #Infrastructure #DevOps #Systemctl #UnitFiles #GracefulShutdown #Production #FexingoBusiness #BusinessPodcast #ServerAdmin Keep every episode free: buymeacoffee.com/fexingo
-
13
How to Harden Your Linux Server with SELinux Policies
In this episode, Lucas and Luna dive into SELinux on Linux servers — specifically, why and how to implement targeted policies without breaking production workloads. Lucas walks through a real case from a financial services company that reduced their kernel-level vulnerability exposure by over 80 percent after enabling SELinux in enforcing mode on 200 servers. They discuss the common pain points: learning the audit2allow workflow, writing custom policy modules, and handling SELinux denials. They also compare SELinux to AppArmor, explaining when each makes sense. The conversation is grounded in practical steps — no theoretical fluff. By the end, listeners learn one concrete command sequence they can test on a non-production box this week. This episode is essential for any sysadmin who wants to move beyond basic file permissions and actually lock down their system calls. #SELinux #LinuxSecurity #ServerHardening #Sysadmin #AccessControl #MandatoryAccessControl #SecurityPolicies #audit2allow #AppArmor #KernelSecurity #LinuxServer #ServerEngineering #Bash #DevOps #Technology #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
12
How to Audit SSH Keys Before They Become a Liability
Episode 25 of Linux Server Admin with Fexingo: Sysadmin, Bash, and Server Engineering dives into SSH key hygiene. Lucas and Luna walk through a real-world scenario: a startup that accumulated 400 authorized SSH keys across 60 servers, with keys tied to former employees and contractors still active. They explain why this happens, how to inventory keys using simple Bash scripts and tools like ssh-audit, and how to enforce rotation policies with certificates and short-lived keys. By the end, you'll know how to run a one-liner to list every key on a server, why you should disable password authentication entirely, and how to build a renewal cadence that matches your team's turnover. Practical, specific, and immediately actionable for anyone managing Linux servers. #SSHKeys #ServerSecurity #LinuxSysadmin #BashScripting #KeyRotation #ssh-audit #AuthorizedKeys #Authentication #DevOps #InfrastructureSecurity #CertificateAuth #ShortLivedKeys #Linux #SysadminHardening #ServerManagement #Business #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
11
Why Your Sudoers File Needs Hardening Now
Episode 24 of Linux Server Admin with Fexingo digs into a critical but often overlooked security gap: the sudoers file. Lucas and Luna walk through a real-world misconfiguration that gave an attacker passwordless root access on a monitoring server, and explain how to lock down sudo with defaults, timed credentials, command aliases, and the sudo_logsrvd audit daemon. They cover the new sudo 1.9.14 timeout policy, the difference between NOPASSWD and timed permissions, and why logging every sudo invocation matters for incident response. If you maintain Linux servers in production, this episode gives you one concrete change to make today. #Linux #Sysadmin #SudoSecurity #Sudoers #ServerHardening #PrivilegeEscalation #CommandLogging #SudoLogsrvd #LinuxSecurity #DevOps #InfrastructureSecurity #ITSecurity #OpenSource #Technology #ServerAdministration #FexingoBusiness #BusinessPodcast #LinuxServerAdmin Keep every episode free: buymeacoffee.com/fexingo
-
10
When Your Server Swaps Itself to Death
Episode 23 of Linux Server Admin with Fexingo. Lucas and Luna dig into one of the most common yet misunderstood server failure modes: swap thrashing. They walk through a real scenario where a Postgres query triggered the OOM killer, and explain why the default vm.swappiness of 60 is almost always wrong for production. You'll learn exactly how to set swappiness to 10, configure systemd-oomd, and add swap health checks to your monitoring stack. No theory – just the specific sysctl values, the exact log patterns to grep for, and the one line of PromQL that catches the problem before pager duty calls. If your servers rely on swap, this episode will save you a 3 AM wake-up. #Linux #Sysadmin #ServerAdmin #Swap #MemoryManagement #OOMKiller #Postgres #Systemd #Monitoring #Performance #vmSwappiness #Sysctl #PromQL #Bash #DevOps #FexingoBusiness #TechPodcast #ServerEngineering Keep every episode free: buymeacoffee.com/fexingo
-
9
Zero Downtime Deployments With Blue-Green Servers
Lucas walks Luna through the blue-green deployment pattern, a strategy that eliminates application downtime during updates by running two identical production environments and switching traffic atomically. They break down the exact steps: provisioning a standby environment, running health checks on the new version, flipping the load balancer, and rolling back instantly if something breaks. Lucas uses a concrete example of a Node.js API service behind an Nginx reverse proxy, explaining how to script the switch with a simple shell loop. Luna asks about database schema changes during a swap — Lucas explains the read-only and dual-write patterns that keep data consistent. The episode also covers the biggest risk: stale connections and in-flight requests. By the end, listeners will know exactly how to implement blue-green for their own stack without buying extra infrastructure. #BlueGreenDeployment #ZeroDowntime #DevOps #SiteReliabilityEngineering #Nginx #LoadBalancing #NodeJS #DatabaseMigrations #ContinuousDeployment #ShellScripting #ProductionDeployment #RollbackStrategy #ServerManagement #Technology #LinuxServerAdmin #FexingoBusiness #BusinessPodcast #InfrastructureAsCode Keep every episode free: buymeacoffee.com/fexingo
-
8
Why Your Linux Server Needs a Dedicated nullmailer Setup
Episode 21 of Linux Server Admin with Fexingo dives into the overlooked art of outbound email from headless servers. Lucas and Luna unpack why cron output, system alerts, and automated reports often vanish into the void, and how a tiny tool called nullmailer fixes it without a full mail stack. They walk through a real-world case: a staging server silently dropping backup failure alerts for six months because the standard sendmail compatibility layer wasn't configured. The hosts compare nullmailer with msmtp and postfix-satellite setups, explaining when each makes sense. They cover starttls vs. implicit tls, relay host authentication, and the single config file that routes all server mail through a transactional email provider. By the end, listeners know how to set up a five-minute mail relay that ensures no alert ever gets lost—and why that matters more than most realize. #LinuxServerAdmin #Sysadmin #Bash #ServerEngineering #Technology #Nullmailer #EmailRelay #ServerAlerts #CronMail #Sendmail #Postfix #Msmtp #SMTP #Starttls #DevOps #ServerMonitoring #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
7
Why Your Linux Server Needs a Dedicated WireGuard VPN Mesh
In this episode, Lucas and Luna dive into why a dedicated WireGuard VPN mesh beats traditional VPN setups for server-to-server communication. They walk through a real-world example of a three-node cluster where tailscale-style WireGuard overlay simplified firewall rules, reduced latency by 12 milliseconds, and cut configuration time from hours to minutes. Lucas explains the kernel-level efficiency of WireGuard versus OpenVPN, and Luna questions the trade-offs of managing a mesh at scale. The conversation covers handshake overhead, roaming endpoints, and why more sysadmins are adopting WireGuard as a service mesh alternative. A practical look at lightweight, encrypted networking for production Linux servers. #WireGuard #VPNMesh #LinuxServer #Sysadmin #Networking #Encryption #KernelModule #OpenVPN #Tailscale #ZeroTier #ServerSecurity #UDP #NATTraversal #FirewallRules #Latency #DevOps #Technology #FexingoBusiness Keep every episode free: buymeacoffee.com/fexingo
-
6
The Case for Filesystem Snapshots Before Package Updates
Before you run apt upgrade or yum update, there's a better safety net than hoping you can roll back. In this episode, Lucas and Luna dive into why filesystem snapshots — using LVM or ZFS — should be a standard pre-update ritual. They walk through a real scenario: a production server that survived a broken kernel update only because the sysadmin had a five-second snapshot routine. They explain the difference between snapshots and backups, why most sysadmins skip this step, and how to set up a simple snapshot script that takes under a minute. If you manage Linux servers and have ever held your breath during an update, this episode is for you. #FilesystemSnapshots #LVM #ZFS #LinuxServerAdmin #Sysadmin #PackageUpdates #aptUpgrade #yumUpdate #ServerRecovery #RollbackStrategy #BackupVsSnapshot #ProductionServer #ServerReliability #BashScripting #Technology #ServerEngineering #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
5
How to Tame Linux Kernel OOM Killer with Systemd
Episode 18 of Linux Server Admin with Fexingo tackles the Linux kernel's Out-Of-Memory (OOM) Killer—a necessary but brutal mechanism that can kill critical services when memory pressure spikes. Hosts Lucas and Luna explore why the OOM Killer often targets the wrong process, how systemd's OOMD (introduced in v243) gives sysadmins fine-grained control over which services get sacrificed, and a real-world case where a misconfigured PostgreSQL OOM score led to production downtime. They cover practical configuration: adjusting OOMScoreAdjust, setting ManagedOOMSwap and ManagedOOMMemoryPressure, and using oomd to protect essential daemons like SSH and monitoring agents. The episode includes a walkthrough of reading /proc//oom_score and /proc//oom_score_adj, plus a donation segment about keeping the show ad-free. Aimed at sysadmins managing Linux servers under memory constraints, this episode provides actionable steps to prevent the OOM Killer from ruining your day. #LinuxServerAdmin #Sysadmin #OOMKiller #Systemd #OOMD #Kernel #MemoryManagement #ServerEngineering #PostgreSQL #SystemdOOMD #LinuxPerformance #SysadminTips #ProductionDowntime #Technology #DevOps #FexingoBusiness #BusinessPodcast #ServerAdmin Keep every episode free: buymeacoffee.com/fexingo
-
4
Why Your Linux Server Needs a Dedicated Log Aggregation Pipeline
Episode 17 of Linux Server Admin with Fexingo dives into the case for a dedicated log aggregation pipeline. Lucas and Luna walk through a real-world scenario where a production outage was prolonged by 45 minutes because logs were scattered across 12 servers with no central aggregation. They explain why tools like the ELK stack or Loki reduce mean time to resolution, how a centralized pipeline turns chaos into searchable data, and why every Linux server team should treat log aggregation as core infrastructure — not an afterthought. Specific numbers: 12 servers, 45 minutes, 3.2 terabytes of logs per month. Listeners walk away with the concrete case for adding a pipeline to their own server environment. #LogAggregation #ELKStack #Loki #CentralizedLogging #LinuxServerAdmin #LinuxSysadmin #DevOps #SiteReliabilityEngineering #MeanTimeToResolution #ProductionOutage #Observability #ServerMonitoring #Bash #ServerEngineering #Infrastructure #TechPodcast #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
3
Why Your Linux Server Needs a Dedicated Time-Series Database
In this episode of Linux Server Admin, Lucas and Luna explore why a dedicated time-series database (TSDB) like InfluxDB or VictoriaMetrics can transform how you handle server metrics, logs, and monitoring data. They walk through a real-world scenario: a mid-size e-commerce company whose Prometheus setup buckled under 500,000 metrics per second, leading to dropped data and skewed alerts. Lucas explains the architectural differences between traditional relational databases and TSDBs—columnar storage, downsampling, and retention policies—while Luna questions when you might be over-engineering by adding yet another service. They conclude with practical deployment tips: start with a single-node TSDB, set retention to 30 days, and use Grafana for visualization. Perfect for sysadmins tired of hunting through grep logs or fighting with SQL queries on metric tables. #TimeSeriesDatabase #InfluxDB #VictoriaMetrics #Prometheus #ServerMonitoring #Metrics #DatabaseDesign #LinuxSysadmin #DevOps #Grafana #Downsampling #RetentionPolicy #Observability #TechPodcast #Sysadmin #LinuxServer #FexingoBusiness #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
2
Why Your Linux Server Needs A Dedicated Monitoring Stack
In this episode of Linux Server Admin with Fexingo, Lucas and Luna argue that every production Linux server should run its own dedicated monitoring stack, separate from the application infrastructure. They walk through a real-world case where a shared Prometheus instance caused a cascading failure in a SaaS company's monitoring, and explain how a dedicated stack with Grafana, Prometheus, and Alertmanager on a minimal VM would have prevented the outage. They discuss the minimal resource footprint (less than 512 MB RAM), the trade-off of operational overhead versus reliability, and why the monitoring stack should be treated as critical infrastructure with its own dedicated bastion host. The hosts also touch on the importance of blackbox probes to detect internet-facing issues, and how a dedicated stack simplifies incident response during failures. No prior episodes have covered the architectural argument for a dedicated monitoring stack. This is a must-listen for sysadmins managing more than a handful of servers. #LinuxServerAdmin #FexingoBusiness #BusinessPodcast #Technology #Sysadmin #ServerMonitoring #Prometheus #Grafana #MonitoringStack #InfrastructureAsCode #IncidentResponse #DevOps #Alerting #BastionHost #ProductionOutage #ServerReliability #BlackboxProbes #MinimalVM Keep every episode free: buymeacoffee.com/fexingo
-
1
Why Your Linux Server Needs a Dedicated Bastion Host
Episode 14 of Linux Server Admin with Fexingo: Sysadmin, Bash, and Server Engineering. Lucas and Luna explain why routing all SSH traffic through a dedicated bastion host dramatically reduces your attack surface and simplifies compliance. They walk through a real-world setup using a $5/month VPS as a jump box, discuss sshd hardening (disabling root login, key-only auth, port knocking), and cover audit logging with auditd. The episode also details how to forward SSH agent keys securely via ssh -A, and what happens during a typical breach attempt when no bastion exists. Perfect for sysadmins managing fleets of 10 to 1,000 servers who want one clear, practical improvement this week. #BastionHost #SSHSecurity #LinuxSysadmin #JumpBox #ServerHardening #CyberSecurity #Infrastructure #DevOps #Bash #FexingoBusiness #BusinessPodcast #TechnologyPodcast #LinuxAdmin #AuditLogging #PortKnocking #AgentForwarding #VPS #ProductionServer Keep every episode free: buymeacoffee.com/fexingo
-
0
Why Your Linux Server Needs Immutable Root
Lucas and Luna explain the concept of immutable root filesystems for Linux servers—why making the root partition read-only can stop configuration drift, prevent malware persistence, and simplify updates. They dive into how Fedora Silverblue and openSUSE MicroOS implement this, the trade-offs for package management, and why it's gaining traction for production workloads in 2026. No theoretical fluff—just practical reasons to consider going immutable. #ImmutableRoot #LinuxServers #Sysadmin #ConfigurationDrift #FedoraSilverblue #openSUSEMicroOS #ReadOnlyRoot #ServerHardening #DevOps #InfrastructureAsCode #Technology #FexingoBusiness #BusinessPodcast #ServerAdmin #Bash #ContainerOrchestration #AtomicUpdates #Security Keep every episode free: buymeacoffee.com/fexingo
-
-1
Why Your Linux Server Needs a Dedicated Ansible Control Machine
Episode 12 of Linux Server Admin with Fexingo digs into a common but overlooked failure point in server management: running Ansible from a personal workstation. Lucas and Luna walk through a real-world case where a sysadmin's laptop battery died mid-playbook, leaving a fleet of 200 production servers in an inconsistent state. They explain why a dedicated, stateless Ansible control machine — a cheap VM or Raspberry Pi — prevents configuration drift, enforces idempotency, and makes your automation truly reliable. Along the way, they touch on Git-based workflow, vault encryption for secrets, and the golden rule of never running ad-hoc commands in prod. If you manage even a handful of Linux servers, this episode will change how you think about your control node. #Ansible #LinuxServerAdmin #DevOps #Sysadmin #ConfigurationManagement #Automation #ServerManagement #InfrastructureAsCode #Git #AnsibleVault #Idempotency #ConfigurationDrift #RaspberryPi #ControlMachine #ProductionReliability #FexingoBusiness #Technology #BusinessPodcast Keep every episode free: buymeacoffee.com/fexingo
-
-2
Why Your NTP Setup Is Probably Drifting
Episode 11 of Linux Server Admin tackles a silent server killer: clock drift. Lucas and Luna explain why even a 50-millisecond offset can break database replication, certificate validation, and distributed consensus. They walk through a real example of a PostgreSQL cluster that failed silently because chrony wasn't configured to poll multiple upstream servers. They compare ntpd vs chronyd vs systemd-timesyncd, show how to check drift with chronyc tracking, and explain why you should never use a single NTP source. A concrete guide for sysadmins who want production-grade time sync. #NTP #ClockDrift #Chrony #SystemdTimesyncd #ServerTime #LinuxSysadmin #PostgreSQL #DatabaseReplication #ProductionServer #TimeSync #Chronyc #DistributedSystems #Technology #Linux #Sysadmin #FexingoBusiness #BusinessPodcast #ServerEngineering Keep every episode free: buymeacoffee.com/fexingo
We're indexing this podcast's transcripts for the first time — this can take a minute or two. We'll show results as soon as they're ready.
No matches for "" in this podcast's transcripts.
No topics indexed yet for this podcast.
Loading reviews...
ABOUT THIS SHOW
Lucas and Luna sit down at a pair of thin laptops, terminal windows flickering with abstract patterns, to talk Linux server administration as it's actually practiced—bash scripting, systemd quirks, Nginx tuning, SSH hardening, and the daily grind of keeping production services online. Each episode picks a single sysadmin problem: how to diagnose a slow database query without panic, why that cron job keeps failing at 3 AM, or the right way to automate backups with rsync and rclone. Lucas brings the journalistic rigor—he'll cite real-world incidents like the 2021 AWS Kinesis outage that broke monitoring for half the internet, or the time a misplaced chmod command took down a major e-commerce site for an hour. Luna pushes back with hands-on experience: she's the one who asks whether you really need Docker for a three-service stack, or why your fail2ban config is banning your own IP. Together they cut through vendor hype—no Kubernetes if you have five servers, no Ansible if a shell loop wi
HOSTED BY
Fexingo
CATEGORIES
Loading similar podcasts...