Mathstodon

Neustradamus :xmpp: :linux:<a href="https://mastodon.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> 10.0 has been released (<a href="https://mastodon.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a> / <a href="https://mastodon.social/tags/SecureShell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SecureShell</a> / <a href="https://mastodon.social/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenBSD</a>) <a href="https://openssh.com/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://openssh.com/</a>

քʏʀǟȶɛɮɛǟʀɖ<a href="https://log.pyratebeard.net/entry/20250418-a_tale_of_two_gits.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://log.pyratebeard.net/entry/20250418-a_tale_of_two_gits.html</a>a tale of two gits - using my main git config to commit and push code as different users to different remote accounts<a href="https://harbour.cafe/tags/git" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#git</a> <a href="https://harbour.cafe/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> <a href="https://harbour.cafe/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#programming</a> <a href="https://harbour.cafe/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> rss: <a href="https://log.pyratebeard.net/rss.xml" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://log.pyratebeard.net/rss.xml</a>

benzogaga33 :verified:SSH : une faille critique dans Erlang/OTP, facile à exploiter, a été patchée ! <a href="https://www.it-connect.fr/ssh-une-faille-critique-dans-erlang-otp-facile-a-exploiter-a-ete-patchee/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.it-connect.fr/ssh-une-faille-critique-dans-erlang-otp-facile-a-exploiter-a-ete-patchee/</a> <a href="https://mamot.fr/tags/ActuCybers%C3%A9curit%C3%A9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ActuCybersécurité</a> <a href="https://mamot.fr/tags/Cybers%C3%A9curit%C3%A9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersécurité</a> <a href="https://mamot.fr/tags/Vuln%C3%A9rabilit%C3%A9" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Vulnérabilité</a> <a href="https://mamot.fr/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a>

pcyxCritical Erlang/OTP SSH pre-auth RCE is 'Surprisingly Easy' to exploit, patch now<a href="https://www.bleepingcomputer.com/news/security/critical-erlang-otp-ssh-pre-auth-rce-is-surprisingly-easy-to-exploit-patch-now/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/critical-erlang-otp-ssh-pre-auth-rce-is-surprisingly-easy-to-exploit-patch-now/</a><a href="https://c.im/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> <a href="https://c.im/tags/erlang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#erlang</a> <a href="https://c.im/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> <a href="https://c.im/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#cybersecurity</a> <a href="https://c.im/tags/TechNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#TechNews</a>

LavX NewsCritical Erlang/OTP SSH Vulnerability Exposes Systems to Remote Code ExecutionA severe vulnerability in the Erlang/OTP SSH daemon allows unauthenticated remote code execution, prompting urgent action from developers and organizations. With a maximum severity score of 10.0, this...<a href="https://news.lavx.hu/article/critical-erlang-otp-ssh-vulnerability-exposes-systems-to-remote-code-execution" rel="nofollow noopener noreferrer" target="_blank">https://news.lavx.hu/article/critical-erlang-otp-ssh-vulnerability-exposes-systems-to-remote-code-execution</a><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#news</a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#tech</a> <a href="https://mastodon.cloud/tags/Cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Cybersecurity</a> <a href="https://mastodon.cloud/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a> <a href="https://mastodon.cloud/tags/Erlang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Erlang</a>

Daniel Wayne ArmstrongDisable password logins on the SERVER in favour of using SSH keys for authentication. Create the necessary SSH keys on a NetBSD CLIENT that will be used to secure access to remote devices:<a href="https://www.dwarmstrong.org/netbsd-ssh-keys/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.dwarmstrong.org/netbsd-ssh-keys/</a><a href="https://fosstodon.org/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a> <a href="https://fosstodon.org/tags/NetBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#NetBSD</a> <a href="https://fosstodon.org/tags/RunBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#RunBSD</a> <a href="https://fosstodon.org/tags/Encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Encryption</a>

Rihards OlupsNeat, OpenSSH client adds variable expansion in "User". This will allow for much simpler PAM (the privileged access management one) related configuration - for example, expanding user into user%original_hostname etc.<a href="https://github.com/openssh/openssh-portable/commit/bd30cf784d6e825ef71592fb723c41d4f2fd407b" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://github.com/openssh/openssh-portable/commit/bd30cf784d6e825ef71592fb723c41d4f2fd407b</a><a href="https://mastodon.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> <a href="https://mastodon.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a>

Alexandre Dulaunoywe talk about ssh with <a href="https://infosec.exchange/@jtk" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@jtk</a> and bam there is this<a href="https://vulnerability.circl.lu/vuln/CVE-2025-32433#sightings" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://vulnerability.circl.lu/vuln/CVE-2025-32433#sightings</a>“SSH server (Erlang) may allow an attacker to perform unauthenticated remote code execution (RCE).”We should be careful when we talk.<a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#vulnerability</a> <a href="https://infosec.exchange/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> <a href="https://infosec.exchange/tags/erlang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#erlang</a>

Royce WilliamsCall for volunteer data:Looking for real sets of hash-protected ssh <code>~/.ssh/known_hosts</code> files/records, to tune cracking attack stacks on. The bigger the better.Requirements: the cipher type and the fingerprint are not needed -- just need the hash and salt (first couple of base64 fields). Individual cracks won't be published. If you want your own cracks, strong proof of ownership required. DM me!<a href="https://infosec.exchange/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> <a href="https://infosec.exchange/tags/HashCracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HashCracking</a>

Ben CardoenFor reliable cross-OS/device hardware based MFA, it's hard to beat Yubikey. I rarely openly support a company, but with the trend to move MFA to closed standards (not going to mention the company in question, but not hard to figure out which), Yubikey stays open, and has first-class Linux support. <a href="https://mstdn.science/tags/mfa" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#mfa</a> <a href="https://mstdn.science/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://mstdn.science/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mstdn.science/tags/fedora" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fedora</a> <a href="https://mstdn.science/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> (note, I do not have a referral link, nor do I gain from posting this). <a href="https://www.yubico.com/support/download/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.yubico.com/support/download/</a>

Hacker NewsSSH Keys Don't Scale. SSH Certificates Do<a href="https://infisical.com/blog/ssh-keys-dont-scale" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://infisical.com/blog/ssh-keys-dont-scale</a><a href="https://mastodon.social/tags/HackerNews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#HackerNews</a> <a href="https://mastodon.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a> <a href="https://mastodon.social/tags/Keys" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Keys</a> <a href="https://mastodon.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a> <a href="https://mastodon.social/tags/Certificates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Certificates</a> <a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Security</a> <a href="https://mastodon.social/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#DevOps</a> <a href="https://mastodon.social/tags/Infrastructure" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Infrastructure</a>

BillieI have an old <a href="https://social.tchncs.de/tags/asus" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#asus</a> where the <a href="https://social.tchncs.de/tags/pciex16" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pciex16</a> obviously died. Any graphics card I put into the <a href="https://social.tchncs.de/tags/pciex16" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pciex16</a> slot makes it crash and prevents it from booting. I also do not get any graphics output at all at boot.However, I can access the pc <a href="https://social.tchncs.de/tags/headless" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#headless</a> via <a href="https://social.tchncs.de/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> . It has <a href="https://social.tchncs.de/tags/ubuntu" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ubuntu</a> server installed.Is there any chance to connect this to any modern monitor having D-SUB, so that I can at least access the <a href="https://social.tchncs.de/tags/bios" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bios</a> or set up something non-headless ?It has a 350 W power supply, so that is probably not the issue.

Imogen<a href="https://mstdn.social/tags/Technology" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Technology</a> <a href="https://mstdn.social/tags/Computers" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Computers</a> <a href="https://mstdn.social/tags/UNIX" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#UNIX</a> <a href="https://mstdn.social/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#Linux</a> <a href="https://mstdn.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a> Have you upgraded to OpenSSH 10?

tundaEingefrohrende SSH-Sessions kann man durch das Drücken von "Enter, Tilde und Punkt" beenden. <a href="https://layer8.space/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a>

Ben S.In case anyone is wondering why <a href="https://mastodon.sdf.org/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> (<a href="https://mastodon.sdf.org/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a>) is failing silently on <a href="https://mastodon.sdf.org/tags/msys2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#msys2</a> - seems they pushed out a version that depends on an msys2 runtime version that's stuck in some kind of release queue: <a href="https://github.com/msys2/MSYS2-packages/issues/5320" rel="nofollow noopener noreferrer" target="_blank">https://github.com/msys2/MSYS2-packages/issues/5320</a>

Sundeep"SSH Tips and Tricks"<a href="https://carlosbecker.com/posts/ssh-tips-and-tricks/" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://carlosbecker.com/posts/ssh-tips-and-tricks/</a><a href="https://techhub.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://techhub.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a>

Iain CuthbertsonFor your personal system hopping and coding - how many <a href="https://mendeddrum.org/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a> keys do you use?

Edwin G. :mapleleafroundel:Portable OpenSSH 10.0p1 will not exist. It will be known as OpenSSH 10.0p2.<a href="https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-April/000163.html" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-April/000163.html</a> - - - OpenSSH portable 10.0p1 n’existera pas. Ce sera connue comme OpenSSH 10.0p2. // Publication en anglais //<a href="https://mstdn.moimeme.ca/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> <a href="https://mstdn.moimeme.ca/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a>

Senioradmin<a href="https://social.tchncs.de/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> 9.8 und höher kommt allmählich auf die Server. Da wird die Option PerSourcePenalties interessant (siehe <a href="https://undeadly.org/cgi?action=article;sid=20240607042157" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://undeadly.org/cgi?action=article;sid=20240607042157</a> ) die fail2ban u.ä. überflüssig machen könnte.Konfig-Beispiele sind aber noch rar gesät. Nach der manpage zu urteilen, sollte aber PerSourcePenalties authfail:3600sdafür sorgen dass IPs, die Brute-Force Attacken fahren für 1 Stunde geblockt werden, korrekt? <a href="https://social.tchncs.de/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#SSH</a>

Peter N. M. HansteenOpenSSH 10.0 Released <a href="https://www.undeadly.org/cgi?action=article;sid=20250410053152" rel="nofollow noopener noreferrer" translate="no" target="_blank">https://www.undeadly.org/cgi?action=article;sid=20250410053152</a> <a href="https://mastodon.social/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openbsd</a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> <a href="https://mastodon.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#security</a> <a href="https://mastodon.social/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#networking</a> <a href="https://mastodon.social/tags/development" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#development</a> <a href="https://mastodon.social/tags/newrelease" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#newrelease</a> <a href="https://mastodon.social/tags/devops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#devops</a> <a href="https://mastodon.social/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#sysadmin</a> <a href="https://mastodon.social/tags/freesoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#freesoftware</a> <a href="https://mastodon.social/tags/libresoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#libresoftware</a>

Recent searches

Search options

Administered by:

Server stats:

#ssh