Mathstodon

Kevin LydaOK, this is a thing I didn't know. In <a href="https://mastodon.ie/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> config files, the first mention wins, not the last.The overrides in the .d directories are included *first* (normally this happens last - see nginx, sudo, etc) which is how they override things.<a href="https://utcc.utoronto.ca/~cks/space/blog/sysadmin/OpenSSHConfigOrderMatters" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://utcc.utoronto.ca/~cks/space/blog/sysadmin/OpenSSHConfigOrderMatters</a>

Le Journal du hackerSSH over Openssl over Haproxy - - contourner les blocages <a href="https://www.journalduhacker.net/s/mnw1al/ssh_over_openssl_over_haproxy_contourner" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.journalduhacker.net/s/mnw1al/ssh_over_openssl_over_haproxy_contourner</a> <a href="https://blog.victor-hery.com/2024/02/ssh-openssl-haproxy.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.victor-hery.com/2024/02/ssh-openssl-haproxy.html</a> <a href="https://framapiaf.org/tags/h%C3%A9bergement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#hébergement</a> <a href="https://framapiaf.org/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a>

Neustradamus :xmpp: :linux:<a href="https://mastodon.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> 10.0 has been released (<a href="https://mastodon.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a> / <a href="https://mastodon.social/tags/SecureShell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecureShell</a> / <a href="https://mastodon.social/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenBSD</a>) <a href="https://openssh.com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://openssh.com/</a>

Rihards OlupsNeat, OpenSSH client adds variable expansion in "User". This will allow for much simpler PAM (the privileged access management one) related configuration - for example, expanding user into user%original_hostname etc.<a href="https://github.com/openssh/openssh-portable/commit/bd30cf784d6e825ef71592fb723c41d4f2fd407b" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/openssh/openssh-portable/commit/bd30cf784d6e825ef71592fb723c41d4f2fd407b</a><a href="https://mastodon.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> <a href="https://mastodon.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>

jceaElegir la identidad SSH que presenta un cliente al servidor<a href="https://blog.jcea.es/posts/20231203-identidad_ssh.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://blog.jcea.es/posts/20231203-identidad_ssh.html</a><a href="https://mastodon.green/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a>

unixbhaskarHeads up! Kiddos...measure...<a href="https://mastodon.social/tags/linuxadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linuxadmin</a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a> <a href="https://mastodon.social/tags/tool" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tool</a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> <a href="https://www.openssh.com/releasenotes.html#10.0p1" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.openssh.com/releasenotes.html#10.0p1</a>

Maquinari.catOpenSSH arriba a la versió 10.0. Entre d'altres, inclou l'algoritme mlkem768x25519-sha256, que diuen és a prova d'ordinadors quàntics.<a href="https://www.phoronix.com/news/OpenSSH-10.0-Released" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.phoronix.com/news/OpenSSH-10.0-Released</a><a href="https://mastodon.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> <a href="https://mastodon.social/tags/Qu%C3%A0ntic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Quàntic</a> <a href="https://mastodon.social/tags/mlkem768x25519" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mlkem768x25519</a>-sha256

Ben S.In case anyone is wondering why <a href="https://mastodon.sdf.org/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> (<a href="https://mastodon.sdf.org/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a>) is failing silently on <a href="https://mastodon.sdf.org/tags/msys2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#msys2</a> - seems they pushed out a version that depends on an msys2 runtime version that's stuck in some kind of release queue: <a href="https://github.com/msys2/MSYS2-packages/issues/5320" rel="nofollow noopener noreferrer" target="_blank">https://github.com/msys2/MSYS2-packages/issues/5320</a>

Alejandro Baez<a href="https://fosstodon.org/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> now defaults to <a href="https://fosstodon.org/tags/mlkem768x25519" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mlkem768x25519</a> algorithm for keys. In other words, welcome to quantum resistance being a thing. 😎Congrats to the team on this release! <a href="https://www.openssh.com/txt/release-10.0" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.openssh.com/txt/release-10.0</a>

Portada HardlimitLa décima versión de OpenSSH viene con el algoritmo mlkem768xto25519-sha256 activado por defecto, que se considera seguro ante ataques con ordenadores cuánticos y además se ha convertido en norma en el NIST <a href="https://social.hardlimit.com/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> -> <a href="https://hardlimit.com/archivo.php?n=2286" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://hardlimit.com/archivo.php?n=2286</a>

Jeff ForcierI see <a href="https://social.coop/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> got to fully removing DSA key support, so that means my “probably do that in <a href="https://social.coop/tags/Paramiko" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Paramiko</a>” todo list item has no more excuses 🤔Well, ok, it still has a few excuses (will be years before the average sshd is OpenSSH 10.0+) but still. Needs happenin' sometime and it ain't like old releases go away, so.

nixCraft 🐧OpenSSH 10.0/10.0p2 released <a href="https://www.openssh.com/releasenotes.html#10.0p1" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.openssh.com/releasenotes.html#10.0p1</a><a href="https://mastodon.social/tags/unix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#unix</a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#opensource</a>

Parade du Grotesque 💀Also: <a href="https://mastodon.sdf.org/tags/Slackware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Slackware</a> 15 has a security update for Python3:<a href="http://www.slackware.com/security/viewer.php?l=slackware-security&y=2025&m=slackware-security.326755" rel="nofollow noopener noreferrer" target="_blank">http://www.slackware.com/security/viewer.php?l=slackware-security&y=2025&m=slackware-security.326755</a>Slackware-current just adopted <a href="https://mastodon.sdf.org/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> 10.0.p1 & <a href="https://mastodon.sdf.org/tags/OpenSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSL</a> 3.5n/openssh-10.0p1-x86_64-1.txz: Upgraded. Potentially-incompatible changes include the removal of the weak DSA signature algorithm, completing the deprecation process that began in 2015 (when DSA was disabled by default) and repeatedly warned over the last 12 months.n/openssl-3.5.0-x86_64-1.txz: Upgraded. New LTS release, supported until 08 Apr 2030.

Edwin G. :mapleleafroundel:Portable OpenSSH 10.0p1 will not exist. It will be known as OpenSSH 10.0p2.<a href="https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-April/000163.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-April/000163.html</a> - - - OpenSSH portable 10.0p1 n’existera pas. Ce sera connue comme OpenSSH 10.0p2. // Publication en anglais //<a href="https://mstdn.moimeme.ca/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> <a href="https://mstdn.moimeme.ca/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a>

Senioradmin<a href="https://social.tchncs.de/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> 9.8 und höher kommt allmählich auf die Server. Da wird die Option PerSourcePenalties interessant (siehe <a href="https://undeadly.org/cgi?action=article;sid=20240607042157" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://undeadly.org/cgi?action=article;sid=20240607042157</a> ) die fail2ban u.ä. überflüssig machen könnte.Konfig-Beispiele sind aber noch rar gesät. Nach der manpage zu urteilen, sollte aber PerSourcePenalties authfail:3600sdafür sorgen dass IPs, die Brute-Force Attacken fahren für 1 Stunde geblockt werden, korrekt? <a href="https://social.tchncs.de/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a>

Peter N. M. HansteenOpenSSH 10.0 Released <a href="https://www.undeadly.org/cgi?action=article;sid=20250410053152" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.undeadly.org/cgi?action=article;sid=20250410053152</a> <a href="https://mastodon.social/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openbsd</a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> <a href="https://mastodon.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mastodon.social/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networking</a> <a href="https://mastodon.social/tags/development" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#development</a> <a href="https://mastodon.social/tags/newrelease" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#newrelease</a> <a href="https://mastodon.social/tags/devops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devops</a> <a href="https://mastodon.social/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sysadmin</a> <a href="https://mastodon.social/tags/freesoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#freesoftware</a> <a href="https://mastodon.social/tags/libresoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#libresoftware</a>

ティージェーグレェOoph, updated the sshd-session.c patch that MacPorts uses (to try to sandbox things, whoever did that was before my time) and while the patch I modified applies OK, the OpenSSH 10.0p1 build still fails with MacPorts' additional "special sauce". I updated the Trac issue with as far as I got here: <a href="https://trac.macports.org/ticket/72317" rel="nofollow noopener noreferrer" target="_blank">https://trac.macports.org/ticket/72317</a> But I need to step AFK for a while and won't be able to look at this again for several hours. If others want to take a crack at it and fix whatever I failed to get correct, contributions are more than welcome! Thanks! (and here I was thinking the legacy_dsa variant removal would be my potential stumbling block. Nope! sigh I should have tested the snapshot more thoroughly I guess, but I still don't have a functional mpbb locally and I don't even want to get into my "methodology" for diffing this stuff locally, it's basically line by line with not such great tools.) Near as I can discern sshd-session.c got reworked a bit since 9.9p2 and my shoot from the hip attempt is insufficient. <a href="https://snac.bsd.cafe?t=openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> <a href="https://snac.bsd.cafe?t=macports" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MacPorts</a>

RenézuCode<a href="https://chaos.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> 10.0 Released with Major <a href="https://chaos.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> and <a href="https://chaos.social/tags/Performance" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Performance</a> Upgrades <a href="https://medium.com/p/openssh-10-0-released-with-major-security-and-performance-upgrades-f7d61012b96e?source=social.tw" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://medium.com/p/openssh-10-0-released-with-major-security-and-performance-upgrades-f7d61012b96e?source=social.tw</a>

r1w1s1OpenSSH 10.0 is out! 🎉 One of the most critical tools in any Unix admin’s toolbox just got even better. 📜 Release notes: <a href="https://www.openssh.com/releasenotes.html#10.0p1" rel="nofollow noopener noreferrer" target="_blank">https://www.openssh.com/releasenotes.html#10.0p1</a> Huge thanks to the OpenSSH devs for keeping the Internet safer with every release. <a href="https://snac.bsd.cafe?t=openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> <a href="https://snac.bsd.cafe?t=linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://snac.bsd.cafe?t=openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openbsd</a> <a href="https://snac.bsd.cafe?t=bsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bsd</a>

RavenOpenSSH 10.0 released with hybrid post-quantum algorithm mlkem768x25519-sha256 as default key agreement, new cipher preference list, new options, bug fixes<a href="https://www.openssh.com/releasenotes.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.openssh.com/releasenotes.html</a><a href="https://mastodon.bsd.cafe/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> <a href="https://mastodon.bsd.cafe/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openbsd</a> <a href="https://mastodon.bsd.cafe/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#infosec</a> <a href="https://mastodon.bsd.cafe/tags/secureshell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#secureshell</a> <a href="https://mastodon.bsd.cafe/tags/postquantumcryptography" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#postquantumcryptography</a>

Recent searches

Search options

Administered by:

Server stats:

#openssh