3 docs tagged with "security"

Reusable Kustomize component that drops a baseline `NetworkPolicy` into every app's namespace — default-deny ingress + egress, with explicit allow-rules for what the app actually needs to talk to.

Set up, manage, and recover Fedora full-disk encryption with LUKS2 + TPM2 + PIN bound to PCRs 7 and 14, with a passphrase fallback in slot 0.

Generate and use SSH keys whose private material never leaves a Nitrokey 3 or YubiKey 5, using FIDO2 resident credentials.