I have two recreational programming projects active now.
The first is a deterministic password generator [1] which is designed to be easy to use and manage. I've been using it myself for a couple months and have a couple UX improvements in my head that need to be done before I'd recommend it to anyone else.
[1] https://bitbucket.org/nealtucker/whose/
The second is an infrastructure project which my brother and I are building as an opportunity for him to learn about automated infrastructure and security. Terraform starts by instantiating an automated private CA for the purpose of securely issuing certificates to all instances, and then all other instances come up with an agent that generates keys and calls the CA (along with a signed auth blob provided by the terraform run) to obtain certs. Nomad server also comes up, using the same certs, and controls all the other nodes. All communication is MTLS from the start and I'm in the process of adding ssh hostkey signing to the CA so at the same time the instances get certs, they get their hostkeys signed so we don't have to TOFU the ssh hostkeys. We have no idea what we'll do with it, but it's fun to build and teaching both of us a lot.
The first is a deterministic password generator [1] which is designed to be easy to use and manage. I've been using it myself for a couple months and have a couple UX improvements in my head that need to be done before I'd recommend it to anyone else. [1] https://bitbucket.org/nealtucker/whose/
The second is an infrastructure project which my brother and I are building as an opportunity for him to learn about automated infrastructure and security. Terraform starts by instantiating an automated private CA for the purpose of securely issuing certificates to all instances, and then all other instances come up with an agent that generates keys and calls the CA (along with a signed auth blob provided by the terraform run) to obtain certs. Nomad server also comes up, using the same certs, and controls all the other nodes. All communication is MTLS from the start and I'm in the process of adding ssh hostkey signing to the CA so at the same time the instances get certs, they get their hostkeys signed so we don't have to TOFU the ssh hostkeys. We have no idea what we'll do with it, but it's fun to build and teaching both of us a lot.