added entry to drawing challenge

src/routes/blog/2026/0205.md

@@ -170,4 +170,36 @@ I then tried copying another one of PewDiePie's sketches (I still had the tab op
 
 Minor looking through my Pinterest pins got me to try and draw a guy wearing a Mario hat and looking up at the sky, which went poorly, and then I also kind of messed up drawing the type of head I thought I could do kind of okay.
 
-Not the best day, and I am once again questioning why I am doing this challenge, but I guess I gotta see this through to the end.
+Not the best day, and I am once again questioning why I am doing this challenge, but I guess I gotta see this through to the end.
+
+## Day 09: Gaining Perspective
+
+<span class="date-marker">2026-02-14, 21:36</span>
+
+<SubtitledImage
+    image="09-small.webp"
+    altText="An anime face, an outline of a face, and a scribbled-out head shape drawn with a blue ballpoint pen, and a head shape drawn with a pencil. Only the last one has construction lines creating a depth effect."
+    subtitle="freely drawing. no guidance. no goal. kind of demotivating."
+    alignment="right" />
+
+Today, I had some ideas for things I could try to copy (still abstaining from tracing!). Among those things were a picture of Anna (Anna_Chess) and Kevin (Call Me Kevin) as well as a random anime-style girl I probably screenshotted a few days ago for this specific purpose. The first one didn't work out AT ALL because of how little I knew about perspective, and the second one turned out... okay.
+
+I then decided to look up tutorials, which was a *very* good idea.
+
+I found someone recommending mikeymegamega's videos, so I checked out his channel. I found a lot of videos, most of them too advanced for me and also quite... horny... but nonetheless very interesting. I ended up watching [this video](https://youtu.be/_05or04sGAo) on mapping characters' heads and faces. I think this video assumed knowledge of prior videos, which I obviously haven't watched yet, but it was still pretty simple to follow along.
+
+<SubtitledImage
+    image="09-big.webp"
+    altText="Anime-style heads drawn using a pencil. All of them have construction lines and are looking in different directions, which are distinctly recognisable."
+    subtitle="following mikeymegamega's tutorial. i'm actually able to learn perspective and proper drawing techniques through this..?!"
+    alignment="left" />
+
+You can notice the point at which I started following along with the tutorial because I switched back to my pencil and started using construction lines (see I'm learning terminology!!). I also switched to my A5 notebook because the pocket-sized one was too small; in fact, in retrospect I wish I had drawn much bigger, like almost page-filling, because these small drawings + using a somewhat dull pencil starkly inhibited my ability to draw details.
+
+It was actually quite fun to follow along and see drawings come 'alive' through my own doing. 'Alive' is relative here as watching the whole tutorial reveals the skill level mikeymegamega's at, and the final results are insane. It's crazy what someone can do with just a pencil and some paper.
+
+He talked about perspective, head shape, face proportions, and it stuck just a bit better since I was able to follow along at the exact spots where these things were relevant. My drawings are nowhere as good as his, but I'm still quite happy about how these went, and they kind of motivate me to keep going!
+
+I'm not the type to watch tutorials very often, but this proved to me once again that it can be really helpful to do that sometimes; especially when you're struggling with motivation!
+
+Oh and also, very important: this tutorial of his quite literally started with drawing a simple circle for the head, which I struggled with so much I almost got frustrated. While practicing it though, I discovered that it's way easier to draw a shape like a circle when I'm using my arm to draw instead of my wrist! Drawing big shapes with your wrists is difficult because they need to bend weirdly to stretch to the dimensions needed, whereas the arm allows for a much smoother motion with these sizeable shapes.

src/routes/blog/2026/0214.md

@@ -0,0 +1,30 @@
+<script lang="ts">
+    import SubtitledImage from "$lib/components/subtitled-image.svelte";
+</script>
+
+Earlier today, I went through `journalctl` on my server to view some copyparty logs when I discovered that the `ssh` logs were *swamped* with login attempts. Day and night, no more than a few seconds apart from one another, thousands of login attempts from random IP addresses trying to log onto my server with any kind of username they could think of: `root`, `admin`, `mysql`, `denizk0461`, `gmodserver`, `git`, etc.
+
+I thought I was safe from this; after all, I quite vividly remember talking to my former boss about my server and having him tell me how **incredibly unsafe** it is to use password-based authentication, and telling him reassuredly that I set up my server so that I would log in using an `ssh` key and a password. I also remember when I set up my server through Hetzner's website, I specifically said I'd use it via `ssh` and they didn't mail the `root` user password to me because of this.
+
+All of this was and still is true. But then I remembered: when I set up `ssh` on my Raspberry Pi recently, I followed a guide that said you had to manually disable password-based authentication in a config file. And I don't remember doing that on my public-facing server...
+
+<SubtitledImage
+    image="logins.webp"
+    altText="A screenshot of a terminal emulator logged onto a remote server displaying log messages. The messages all display different IP addresses unsuccessfully attempting to log in with different usernames. There are over a dozen requests within a single minute on February 14, 2026."
+    subtitle="intruders trying pretty much any kind of username that would make sense – and some I didn't really understand" />
+
+So I checked the config file at `/etc/ssh/sshd_config` and found the line `#PasswordAuthentication no`. It was commented out, as it is by default! This means that anyone could try to brute-force my account passwords on my server! And I never noticed because I never needed the password; I'm logging in via `ssh` keys, after all. Only after trying to connect to the IP without the key did I find out that this was actually possible all this time.
+
+So I uncommented the line, reloaded the service via `sudo systemctl reload ssh`, verified that my key-based login was still working, then tried the password-based login and was greeted with the message *"Permission denied (publickey)."*
+
+<SubtitledImage
+    image="404.webp"
+    altText="A screenshot of a terminal emulator logged onto a remote server displaying log messages. It displays 404 messages for different URLs containing the letters 'env', suggesting that some was unsuccessfully attempting to discover server secrets."
+    subtitle="phishing for sensitive data eh! tough luck, the water is completely empty!"
+    alignment="right" />
+
+Satisfyingly, all the login attempts documented in `journalctl` are now suffixed with *"[preauth]"*, meaning the people can't even get to the login prompt anymore because they're missing my private keys. I know I'm not 100% safe... but it feels a lot safer now than it did before.
+
+It's worrying to think about what damage one of them may have been able to do if they had gotten in. Especially since some were apparently looking for files containing sensitive data that were left in the open; one was really eager to find `.env` files, likely to try and discover some kind of password or other secret.
+
+Lesson learned: if you have some kind of publicly-facing server, check that unwanted people are restricted from even attempting to log onto it. If you're only *kind of* sure, check!

src/routes/blog/posts.ts

@@ -30,6 +30,17 @@ export const posts: BlogPostLink[] = [
 	// 	title: "Portsmouth Postmortem",
 	// 	description: "",
 	// }],
+	{
+		key: "2026/0214",
+		post: {
+			date: "2026-02-14",
+			time: "19:46",
+			banner: "logins.webp",
+			bannerAlt: "A curved stick from a tree with some dry leaves attached. Its form resembles an entity with two legs, a spine, and no arms, leaning over and looking sad.",
+			title: "SSH Woes",
+			description: "About how I was shocked to learn that my server was open for attacks for well over a year.",
+		}
+	},
 	{
 		key: "2026/0208",
 		post: {