<?xml version="1.0" encoding="utf-8" standalone="yes"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom" xmlns:content="http://purl.org/rss/1.0/modules/content/">
  <channel>
    <title>Documentation on iter8lab</title>
    <link>https://iter8lab.net/tags/documentation/</link>
    <description>Recent content in Documentation on iter8lab</description>
    <image>
      <title>iter8lab</title>
      <url>https://iter8lab.net/images/mascot.png</url>
      <link>https://iter8lab.net/images/mascot.png</link>
    </image>
    <generator>Hugo</generator>
    <language>en-us</language>
    <lastBuildDate>Mon, 06 Jul 2026 00:00:00 +0000</lastBuildDate>
    <atom:link href="https://iter8lab.net/tags/documentation/index.xml" rel="self" type="application/rss+xml" />
    <item>
      <title>The Key-Only SSH That Wasn&#39;t</title>
      <link>https://iter8lab.net/posts/2026-07-06-the-key-only-ssh-that-wasnt/</link>
      <pubDate>Mon, 06 Jul 2026 00:00:00 +0000</pubDate>
      <guid>https://iter8lab.net/posts/2026-07-06-the-key-only-ssh-that-wasnt/</guid>
      <description>My own CLAUDE.md said the fleet was key-only SSH. Seven of the boxes disagreed. A self-audit of documentation against reality turned up passwords in git, credentials in the wrong file, and a security posture I&amp;rsquo;d been asserting instead of enforcing.</description>
    </item>
  </channel>
</rss>
