Damien Miller has added timing keystroke obfuscation to #OpenSSH.
The advantage here is making it more difficult for a MITM to detect valid keystrokes out of the client, such as authenticating with #passwords.
#openssh #passwords #gnu #linux #unix #bsd
#10yrsago EFF and #PublicResource fight back against copyrighted, paywalled laws https://www.eff.org/press/releases/publicresourceorg-fights-back-against-copyright-lawsuit
#10yrsago Monster and Chips: fun, gross-out chapter books https://memex.craphound.com/2013/08/21/monster-and-chips-fun-gross-out-chapter-books/
#5yrsago All versions of #Openssh share a critical vulnerability, including embedded code that will never be updated https://www.bleepingcomputer.com/news/security/vulnerability-affects-all-openssh-versions-released-in-the-past-two-decades/
#5yrsago Vulnerabilities in smart electric plugs give attackers a staging point for scanning and attacking your whole network https://www.theregister.com/2018/08/21/mcafee_flaws_smartplugs/
10/
#10yrsago #publicresource #5yrsago #openssh
I would like the apologists of #HashiCorp to remember Theo de Raadt's apocalyptic rants against big corps using #OpenSSH and not contributing back in any way. IIRC that was not used as a reason for changing the license to #BSL.
@kkarhan @animemer @thecatcollective
#openBSD runs servers and computers at #banks and other high-reliability-requirement institutions.
It gave rise to #openSSH and #libreSSL which I believe Windows 10 uses to improve your parents' security online.
#ada was #DOD developed for defence application and now runs everything from #missiles to #railway signalling networks to #autopilots
The same is also true for #freeRTOS and #RTEMS which drive rockets into space. There are many #openSource programs involved in rocketry at the highest levels, both civil and martial.
Perhaps most importantly to parents, these are things you can exploit freely, a torch passed to you by others, free as in speech, a tool to better command whatever hardware you elect to use.
I hope you succeed in providing some food for thought about different ways to achieve success ;)
#opensource #rtems #freertos #autopilots #railway #missiles #dod #ada #libressl #openssh #banks #openbsd
New knowledge: I just learned that DNS records include SSHFP, which helps with host verification.
@bdiederik I assume you are using `ForceCommand` to call into a script and then using `$SSH_ORIGINAL_COMMAND` to let the client pass an argument?
It is a pretty cool pattern, also a good opportunity to implement certificate based auth instead of traditional key auth.
If you've done it a different way I'd be interested to hear the details too!
#systemsadministration #secops #linux #openssh
Today I have found #openssh does not support #IDN in any form. Not even after manual configuration. So I quickly hacked support: https://github.com/openssh/openssh-portable/pull/421 What would you think about it?
The new #OpenSSH vulnerability exposes #Linux systems to remote command #Injection
https://thehackernews.com/2023/07/new-openssh-vulnerability-exposes-linux.html?m=1
#Injection #vulnerability #injeccio #Linux #openssh
"New OpenSSH vulnerability exposes Linux systems to remote command injection": The Hacker News
"This vulnerability could allow a remote attacker to execute arbitrary commands on a vulnerable OpenSSH forwarded #ssh agent"
In the latest #Ubuntu 22.04.2, #openssh is at version 8.9p1-3, but the #patch for this #vulnerability has already been applied.
#ssh #ubuntu #openssh #脆弱性 #パッチ #prattohome
SecurityAffairs: A flaw in OpenSSH forwarded ssh-agent allows remote code execution https://securityaffairs.com/148770/hacking/openssh-critical-flaw.html #informationsecuritynews #ITInformationSecurity #PierluigiPaganini #SecurityAffairs #BreakingNews #SecurityNews #hackingnews #Hacking #openssh
#informationsecuritynews #itinformationsecurity #pierluigipaganini #securityaffairs #breakingnews #securitynews #hackingnews #hacking #openssh
🔒 Heads up, techies! A new #vulnerability (CVE-2023-38408) has been uncovered in #OpenSSH that can enable attackers to execute arbitrary commands remotely.
Don't wait—update now and keep your system secure.
https://thehackernews.com/2023/07/new-openssh-vulnerability-exposes-linux.html
#CyberSecurity #Linux #Hacking #openssh #vulnerability
⚠️ Vulnerability in OpenSSH
A flaw has been discovered in the popular SSH server and client <https://alto.win/bvWSU>.
Update now to version 9.3p2. On Debian 12 it can be as simple as running these commands:
-----
wget http://ftp.br.debian.org/debian/pool/main/o/openssh/openssh-client_9.3p2-1_amd64.deb -O client.deb
wget http://ftp.br.debian.org/debian/pool/main/o/openssh/openssh-server_9.3p2-1_amd64.deb -O server.deb
dpkg -i client.deb server.deb
rm client.deb server.deb
-----
This version is still in Debian's Sid repo, so be aware of that.
#️⃣ #MastoAdmin #OpenSSH #CVE
New #OpenSSH Vulnerability Exposes #Linux Systems to Remote Command Injection
https://thehackernews.com/2023/07/new-openssh-vulnerability-exposes-linux.html?m=1
#OpenSSH 9.3p2 seals high-risk security hole | Security https://www.heise.de/news/OpenSSH-9-3p2-dichtet-hochriskantes-Sicherheitsleck-ab-9222861.html #Patchday