Recent searches
Search options
#openssh
Did a new release of `ssh-tpm-agent`, `v0.8.0`.
Notable changes is hierarchy keys, keyctl backed passwords and some preliminary landlock support.
https://github.com/Foxboron/ssh-tpm-agent/releases/tag/v0.8.0
A few words on SSH public keys read from AuthorizedKeysFile(s) and obtained programmatically from OpenSSH's AuthorizedKeysCommand program.
https://jpmens.net/2025/03/25/authorizedkeyscommand-in-sshd/
Mi máquina virtual estándar sobre @proxmox es definitivamente @alpinelinux
Imagen virtual: x86_64
Configuración minimalista:
#OpenSSH en puerto alternativo:
port 8765
AllowUsers user1
PermitRootLogin no
Usuario con permisos doas:
/etc/doas.conf → permit persist alpine as root
Cortafuegos:
#UFW con reglas estrictas
Control de accesos:
#Fail2Ban notificando por #ntfy cada ban
Todo en 138 MB, súper eficiente y sin paquetes innecesarios.
Suppose you have `AllowUsers foo` set in sshd_config. Normally, this will result in logs like:
[date] [host] sshd-session[pid]: Invalid user ubuntu from 195.178.110.18 port 44128
But sometimes, you see this instead:
[date] [host] sshd-session[pid]: error: PAM: Authentication error for illegal user centos from 82.193.122.91
What are the circumstances in which the attacker is able to get through sshd to interact with the PAM stack despite having given a non-permitted login? #infosec #openssh
#openssh with #yubikey
On the computer, I have only a pubkey, no privkey:
❯ ls ~/.ssh/rainer-yubikey-1*
/Users/rainer/.ssh/rainer-yubikey-1.pubBut I can ssh into a remote machine:
❯ ssh halde
Confirm user presence for key ED25519-SK SHA256:ug3mPO6C+LCYvj6FMG5HE02B5MSJw74a0sLKxooaqJY
Enter PIN for ED25519-SK key /Users/rainer/.ssh/rainer-yubikey-1:
Confirm user presence for key ED25519-SK SHA256:ug3mPO6C+LCYvj6FMG5HE02B5MSJw74a0sLKxooaqJY
User presence confirmed
The programs included with the Debian GNU/Linux system are free software;That's the way I like it! A-ha, a-ha!
youtube.com/watch?v=gFrd3WiOcP…
Kudos to @bkoehn
KC and The Sunshine Band - That's The Way (I Like It) 1977 (Remastered)
Downloaded all portable #OpenSSH releases starting with 1.0pre2 to 9.9p2.
OpenSSH started shipping a pre-computed Diffie-Hellman key exchange group moduli file with 2.9.9. But it doesn't change on every release, like I thought it did.
The releases where the moduli file changed were:
- 2.9.9
- 3.8.1
- 4.0
- 4.9
- 6.0
- 6.1
- 6.2
- 6.9
- 7.0
- 7.3
- 7.4
- 7.7
- 7.8
- 7.9
- 8.0
- 8.1
- 8.2
- 8.3
- 8.4
- 8.5
- 8.6
- 8.7
- 8.9
- 9.1
- 9.2
- 9.4
- 9.6
- 9.8
- 9.9
Curious what sizes they shipped.
#Windows 
-Vorschau: #OpenSSH-Korrekturen, #Recall-Neustart, farbiges Akkusymbol | heise online https://www.heise.de/news/Windows-Vorschau-OpenSSH-Korrekturen-Recall-Neustart-farbiges-Akkusymbol-10293388.html #Microsoft
Microsoft's KB5052077 Update: A Critical Fix for SSH Connectivity on Windows 10
In a recent move to enhance user experience, Microsoft has released the KB5052077 cumulative update for Windows 10, addressing a significant SSH connectivity issue. This update not only resolves the l...
Latest issue of my curated #cybersecurity and #infosec list of resources for week #08/2025 is out!
It includes the following and much more:
➝ Two Vulnerabilities in #OpenSSH
➝ #Russia Increasingly Using #AI in Cyber Espionage
➝ South Korea Blocking Downloads of #DeepSeek
➝ Palo Alto Networks & Juniper Networks Flaws Being Exploited
➝ #Apple to Remove E2E #Encryption in the UK;
Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end 
New OpenSSH vulnerabilities alert! 
Hackers could exploit recent flaws for man-in-the-middle & DoS attacks—time to act! 
Secure your servers now with these essential fixes to protect sensitive data. #OpenSSH #CyberSecurity #TechTips #SysAdmin
https://pupuweb.com/how-to-protect-against-new-openssh-threats/
Sicherheitsupdate #OpenSSH: Angreifer können sich in Verbindungen einklinken | Security https://www.heise.de/news/Sicherheitsupdate-OpenSSH-Angreifer-koennen-sich-in-Verbindungen-einklinken-10287547.html #Patchday
This Week in Security: OpenSSH, JumbledPath, and RANsacked https://hackaday.com/2025/02/21/this-week-in-security-openssh-jumbledpath-and-ransacked/ #ThisWeekinSecurity #HackadayColumns #SecurityHacks #JumbledPath #RANsacked #openssh #News
Does anyone know if VerifyHostKeyDNS in OpenSSH does DNSSEC validation?
Or what a secure fingerprint or insecure finger print mean in ssh_config? (Maybe md5 vs sha256?)
Help us test patches for the #OpenSSH vulnerability CVE-2025-26465, and see the current status of those patches: https://almalinux.org/blog/2025-02-20-test-patches-for-cve-2025-26465/ #linux #security
Bitte sorgt dafür, dass Euer OpenSSH aktualisiert wird. Die Version v9.9_p2-r0 behebt zwei schwerwiegende Sicherheitslücken.
Wenn ihr home assistant mit SSH Addon betreibt, macht bitte ein Update. Die aktuelle Version enthält ein Update von OpenSSH auf v9.9_p2-r0 das zwei schwerwiegende Sicherheitslücken schließt.