____  _                            ___
 / ___|(_)_ __ ___   ___  ___  _ __ |_ _|_   ____ _ _ __   _____   __
 \___ \| | '_ ` _ \ / _ \/ _ \| '_ \ | || | / / _` | '_ \ / _ \ \ / /
  ___) | | | | | | |  __/ (_) | | | || || |/ / (_| | | | | (_) \ V /
 |____/|_|_| |_| |_|\___|\___/|_| |_|___|\___/ \__,_|_| |_|\___/ \_/

Hello, I’m Simeon — a systems administrator by profession, and a passionate Linux enthusiast by heart.

Over the past few years, I’ve delved deep into the world of Linux — driven by my love for free and open-source software and the sheer power and flexibility it provides. I thrive in the terminal, live in Neovim, and genuinely enjoy exploring the boundaries of what can be automated, optimized, and understood.

Right now, I’m walking the path toward DevOps. I’m actively studying cloud-native infrastructure, Kubernetes, and the tools that make modern infrastructure scalable, resilient, and declarative. YAML has unexpectedly become one of my favorite formats — structured, readable, and beautifully strict.

I believe in continuous learning, sharing knowledge, and building in public. This blog is both a record of what I discover and an invitation to others who walk a similar path.

Checkout recent posts below or posts organized by topic here

Welcome — and thanks for stopping by!

The Complete Guide to SSH Hardening

Overview

SSH (Secure Shell) is the foundation of remote server administration, yet its default configuration leaves significant security gaps. A properly hardened SSH setup is not about security through obscurity—it’s about implementing defense-in-depth with modern cryptographic standards, strict authentication policies, and comprehensive monitoring.

Understanding the Threat Model

Before implementing security measures, it’s essential to understand what we’re protecting against:

  • Brute-force attacks: Automated attempts to guess credentials
  • Credential stuffing: Using leaked credentials from other breaches
  • Man-in-the-middle attacks: Intercepting SSH connections
  • Cryptographic weaknesses: Exploiting outdated algorithms
  • Privilege escalation: Gaining unauthorized root access
  • Session hijacking: Taking over active SSH sessions

Prerequisites

This guide assumes you have:

[Read more]

How to Install Arch Linux with Full Disk Encryption and LVM Using systemd-boot

This guide describes how to install Arch Linux with full disk encryption, Logical Volume Management (LVM), and the minimalist systemd-boot bootloader. The setup uses two NVMe drives, as this reflects my specific hardware configuration. If you’re using only one drive, the process remains mostly the same—just adapt the LUKS and LVM steps accordingly.

Let’s get started.

Hardware for this Guide

  • CPU: AMD Ryzen 9 5900X
  • GPU: AMD Radeon RX 6900 XT
  • Memory: 32GB
  • Two NVMe drives, each 1TB
  • UEFI-enabled system (BIOS must support UEFI)

Preparing the Terrain

Before embarking on the installation, you’ll need a bootable USB drive with Arch Linux.

[Read more]