Certs may still be the right approach, but OpenSSH also supports an AuthorizedKeysCommand which could be a secure HTTPS request to a central server to pull down a dynamically generated authorized_keys file content for the particular user and host.
If your endpoints can securely and reliably reach a central server, this gives you maximum control (your authorized_keys HTTPS server can have any custom business logic you want) without having to deal with certs/CAs.
Exactly. This is really useful in larger organizations where you may want more complex rules on access. For example, you can easily build "break glass" or 2nd party approved access on demand. You can put whatever logic you need in a CA front-end.
You can also make all the certs short-lived (and only store them in ram).
And when your or someone else's infra down to such a degree that you need SSH access, you do not want to depend on being able to touch that machine first. The same is true with custom AuthorizedKeysCommands that phone home.
Child abuse might be a large driver behind dysfunctionality in adulthood, with disability or early retirement as a consequence. There were some big child neglect cases around the millennium, since them, the topic got more attention from researchers.
It used to be that traumatised kids got slapped with a ADHD, autism and/or borderline diagnosis and it got called a day. These are "that's just how you are" style diagnoses. Since 2018 there is CPTSD which finally connects the symptoms to how you got treated as a child. The denial phase is over.
Lawmakers are a bit behind, as usual, but at this point the scale of the problems can't be denied anymore. Its too late for you and me, but I'm optimistic for future generations.
We're in the over-correcting phase, where every person alive is an abuse survivor of varying seriousness.
For what it's worth I'm not a cynical person against psychology, and I read both the DSM and the ICD front to back every time a revision comes out. But with every revision, especially for the DSM, I become more concerned that we're creeping towards the "everybody suffers from a multitude of disorders therefore nobody does" territory which will bring us right back to ignoring people who need help.
> where every person alive is an abuse survivor of varying seriousness
An odd way to frame it but probably true.
> which will bring us right back to ignoring people who need help
That does not follow - if the environmental sources are known, people (especially teachers and social workers) can look out for them and take measures to improve the outcome for the child. And this is what I'm seeing right now.
See it on a societal scale - for the same effort put into raising kids, you get more functional adults.
ADHD and other mental issues are under-diagnosed in dysfunctional or toxic families, and of course exist in very stable caring families, so I would be very curious in which data link the very different symptoms you cite directly to trauma. It feels like going back to the era of shaming mothers for autism.
This is not ruling out a causal link in the opposite direction, that autism increases vulnerability to traumata.
And while researching case reports on child abuse, i couldn't help to notice that many cases do - indeed - start with an autism diagnosis and only escalate later, example: https://pmc.ncbi.nlm.nih.gov/articles/PMC11886450/
While its true that parents don't cause autism... they can surely cause the diagnosis. Extra bad because it delays appropriate treatment.
> It used to be that traumatised kids got slapped with a ADHD, autism and/or borderline diagnosis and it got called a day. These are "that's just how you are" style diagnoses. Since 2018 there is CPTSD which finally connects the symptoms to how you got treated as a child.
This was my childhood.
Unfortunately for some the narrative of the perfect family is too precious for others to step up and intervene. It's taboo to accuse someone of being a bad parent, even if it's the truth.
Even away from my abusers for decades, the resulting issues have continued into my adulthood and led to near daily struggle that seems to have no end. With my family I've had to choose my battles and my therapist is the only one who both believes me and is trained to give me the support I require to mentally survive in the adult world, one I would otherwise be unprepared for. Without a good enough job I wouldn't be able to pay them and that support would evaporate.
Imagine if a huge percentage of the drama and anger that shows up online is rooted in formative trauma that nobody will ever admit out loud, and as a result we're distracted by trying to address completely unrelated sources of outrage.
"secret" not in the sense that it's hidden, but that most people won't know about it. Because approximately nobody actually reads man pages in their entirety, they just get in to find out how a specific flag works and then get out.
the difference is that knowing 2^8 is generally not useful to people who don't know it
this here is something that's pretty useful to most ssh users, yet seldom spoken of
a better analogy would be comparing it to calling a very good, but not well-known restaurant a secret place - using the word to mean a hidden gem rather than an intentionally hidden secret
ModemManager used to open() and probe every tty device attached to the system. I had a 8-channel relay card with an arduino nano wired up with my desk to control the lights and disco ball, interfaced with a custom ascii-based serial protocol. connecting it to an ubuntu machine (where modemmanager was active in the default install) turned the 2nd or 3rd channel on.
This was generally infuriating, there are many arduino forum posts about modemmanager messing up DIY setups.
Upstream fix was changing modemmanager to work on a whitelist / opt-in approach instead of blacklist / out-opt. My fix was to switch to debian.
reply