Fixing the "sign_and_send_pubkey: signing failed" error on macOS with a Yubikey

There are many examples on the internet for matching up TLS certificates and private key files for RSA keys, but it’s 2022 and Elliptic Curve (EC) keys are becoming a lot more prevalent. The method for matching the certificate and EC private key are similar to RSA: run an openssl command on each file to print out the public key and compare the result to ensure they match. If the values output by these commands are different, then the certificate was generated with a different private key.…

Sometimes in a CodeBuild run, you need to use IAM authentication to access resources in another account. In my case, I needed to clone a CodeCommit repository in order to package up some Ansible playbooks for a CodeDeploy run, but there are a variety reasons why you might want to do this. The process wasn’t very well defined in the documentation so I figured I’d write it down here so I can reference it later.…

A few weeks ago, a system update for my Samsung Galaxy S21 caused the Camera app to crash every time I opened it. I tried the normal debugging steps like checking permissions and clearing cache/app storage, but it still didn’t work. Even more annoying was that I couldn’t scan QR codes because the built-in reader just uses the Camera app. Eventually, I hooked my phone up to my computer and took a look at the logs with adb logcat *:W.…

I recently rotated my SSH keypair, and everything was working great until I booted up a Windows EC2 instance and went to get the password: $ aws ec2 get-password-data --instance-id i-0dd1f5bbeefa4625d --priv-launch-key ~/.ssh/key.pem Unable to decrypt password data using provided private key file. I triple checked that I booted this instance using my new keypair, and confirmed that the keypair wasn’t encrypted, but I still wasn’t able to retrieve the password.…

Fixing the "Operation not supported by device" error on GPG 2.3 with a Yubikey on macOS.

Use the awscli and Amazon S3 to copy files to your Windows AMI builds with Packer 100x faster than the File Provisioner.

Deleting AMIs completely should not be this difficult.

How to create the appropriate KMS grants to launch an encrypted AMI on another AWS account in an Auto-Scaling Group. It's really easy to mess up if you're just skimming documentation like I did.

Hello World It works!…