GGUF

GGUF is a special model file format used to run LLMs efficiently on your own computer. It stands for GPT-Generated Unified Format. It is the successor to GGML. Privacy-sensitive workflows are one application of these optimized-for-local execution model packages.

Using ssh-keygen from WSL to generate an SSH key

SSH keys are useful to enable access to networked resources.  

The command ssh-keygen (the OpenSSH authentication key utilit) can be used to generate keys.

Example usage:  ssh-keygen -t ed25519 -C "myemail@mydomain.com".  

The -t option signifies type, and ed25519 refers to the algorithm based on Elliptic Curve Cryptography using an Edwards curve (the recommended default - it competes with RSA which is needed for compatibility with older systems). The -C flag provides a new comment. 

What gets generated is actually a pair of keys, a private key (stored locally) and a public key (stored on the server, but reference copy is typically stored locally too, in your .ssh directory).  It is an asymmetric authentication (not encryption) protocol.

info ssh-keygen will help you decode other command line options for generating keys.

The generated keys are stored in ~/.ssh.

Managed HSM as a secure key storage option in Azure

Managed HSM (Hardware Security Module) is when you need the highest level of key protection in Azure. 

FIPS 140-3 Level 3 hardware is utilised.  

These are stringent security requirements set by NIST. They include: physical security through hardened enclosure and tamper-evident seals and active tamper-detection. The tamper detection includes detection of physical intrusion, temperature and voltage anomalies.

Azure Key Vault

Azure Key Vault can store keys (e.g. API keys) securely which can then be retrieved by applications at runtime. Passwords and certificates can also be stored in the vault.

Objects in the vault are uniquely identified by a case-insensitive identifier called the object identifier. It has a prefix identifying the key vault, object type, user-provided object name, and object version. 

The key vault section starts with https://{vault-name}.vault.azure.net or https://{hsm-name}.managedhsm.azure.net, for Managed HSM Pools.

Object types are "keys", "secrets" or "certificates". 

Object name must be unique within the key vault. Only digits, letters and dashes are allowed in the object name. The object name must be between 1-127 characters. 

LiteLLM

LiteLLM lets you make calls into a variety of LLMs using OpenAI conventions. Think of it as a lightweight model router. LangChain is somewhat similar - but with a bunch of added stuff on agents and orchestration.

OpenAI's Advice on Key Safety

OpenAI has a set of recommendations on key safety. There are basically two types of keys: API keys and admin keys (to check usage limits, quotas etc.). Read more on those recommendations here, also summarised below.

The first recommendation (rule) is do not share API keys. API keys are unique to users, even if those users are on the same team.

The second recommendation is that the OpenAI API key should not be exposed in client-side environments like browsers or mobile apps, which could allow malicious users to make requests as you.

Excel Data Validation Rules

Where to find data validation rules in Excel's ribbon? 

Data -> Data Tools -> click on the drop-down with a green tick and a red no-entry sign, then select Data Validation.

You can choose to allow any values, or restrict values e.g. to a list.