openssh - discu.eu

OpenSSH 9.0 - hybrid Streamlined NTRU Prime + x25519 key exchange method by default https://www.openssh.com/txt/release-9.0 8 comments 11/4/2022 crypto

OpenSSH phishing FIDO token protected keys (PoC) https://docs.ssh-mitm.at/trivialauth.html 14 comments 22/3/2022 netsec

The OpenSSH server has limits on what user authentication you can use https://utcc.utoronto.ca/~cks/space/blog/sysadmin/opensshauthconfiglimits 10 comments 7/10/2021 linux

Latest official OpenSSH for Windows? https://www.reddit.com/r/sysadmin/comments/m1l169/latest_official_openssh_for_windows/ 7 comments 10/3/2021 sysadmin

Decrypting OpenSSH sessions for fun and profit - Decrypt SSH session and gain knowledge of it by recovering key material from the memory snapshot - the research into OpenSSH and release some tools to dump OpenSSH from memory https://research.nccgroup.com/2020/11/11/decrypting-openssh-sessions-for-fun-and-profit/ 12 comments 14/11/2020 netsec

Solve ssh-rsa public key auth failure after distro or OpenSSH upgrade, without downgrading security https://dev.to/bowmanjd/upgrade-ssh-client-keys-and-remote-servers-after-fedora-33-s-new-crypto-policy-47ag 12 comments 2/11/2020 linuxadmin

RAMBleed - " As an example, in our paper we demonstrate an attack against OpenSSH in which we use RAMBleed to leak a 2048 bit RSA key. However, RAMBleed can be used for reading other data as well." https://rambleed.com 221 comments 11/6/2019 programming

Troubleshooting Obscure OpenSSH Failures https://engineering.pivotal.io/post/ssh_handshake_failed/ 3 comments 12/12/2018 commandline

ESET discovers 21 new Linux malware families: "All malware strains are trojanized versions of the OpenSSH server or client apps that include keylogger and backdoor capabilities." https://www.zdnet.com/article/eset-discovers-21-new-linux-malware-families/ 6 comments 10/12/2018 opensource

OpenSSH 7.8 released August 24, 2018 http://www.openssh.com/txt/release-7.8 18 comments 25/8/2018 linux

OpenSSH arrives in Windows 10 Spring Update https://www.zdnet.com/article/openssh-arrives-in-windows-10-spring-update/ 36 comments 17/5/2018 sysadmin

Windows 10 OpenSSH Client Installed by Default in April 2018 Update https://www.bleepingcomputer.com/news/microsoft/windows-10-openssh-client-installed-by-default-in-april-2018-update/ 54 comments 17/5/2018 netsec

OpenSSH 7.7 (2018-04-03): “ssh(1)/sshd(8): Drop compatibility support for some very old SSH implementations, … released in or before 2001” http://www.openssh.com/txt/release-7.7 6 comments 4/4/2018 linux

How to record SSH sessions with OpenSSH servers https://gravitational.com/blog/how-to-record-ssh-sessions/ 9 comments 19/1/2018 linux

Say Farewell to Putty as Microsoft adds an OpenSSH Client to Windows 10 https://www.servethehome.com/say-farewell-putty-microsoft-adds-openssh-client-windows-10/ 279 comments 12/12/2017 webdev

OpenSSH 7.6 released October 3, 2017 (potentially-incompatible changes: delete SSH protocol version 1 support) http://www.openssh.com/txt/release-7.6 11 comments 5/10/2017 linux

OpenSSH 7.5 released March 20, 2017 http://www.openssh.com/txt/release-7.5 6 comments 21/3/2017 openbsd

Microsoft Publishes OpenSSH For Windows Code http://news.slashdot.org/story/15/10/20/1925226/microsoft-publishes-openssh-for-windows-code?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+Slashdot%2Fslashdot%2Fto+%28%28Title%29Slashdot+%28rdf%29%29 3 comments 21/10/2015 microsoft

PowerShell Team: Initial OpenSSH for Windows Code Now Publicly Available https://blogs.msdn.com/b/powershell/archive/2015/10/19/openssh-for-windows-update.aspx 224 comments 19/10/2015 sysadmin

OpenSSH 7.0 released http://www.openssh.com/txt/release-7.0 10 comments 11/8/2015 opensource

Bug in widely used OpenSSH opens servers to password cracking http://arstechnica.com/security/2015/07/bug-in-widely-used-openssh-opens-servers-to-password-cracking/ 13 comments 21/7/2015 linux

Microsoft adds OpenSSH support to PowerShell | ZDNet http://www.zdnet.com/article/microsoft-adds-openssh-support-to-powershell/ 3 comments 3/6/2015 linux

OpenSSH update to feature key discovery and rotation for easier switching to ed25519 http://blog.djm.net.au/2015/02/key-rotation-in-openssh-68.html 15 comments 1/2/2015 netsec

OpenSSH <=6.6 SFTP misconfiguration exploit for 64bit Linux http://seclists.org/fulldisclosure/2014/oct/35 9 comments 8/10/2014 linux

OpenSSH 6.7 released https://lists.mindrot.org/pipermail/openssh-unix-dev/2014-October/033021.html 11 comments 7/10/2014 sysadmin

TIL Microsoft donated $100,000 to help the Core Infrastructure Initiative (OpenSSL, OpenSSH and Open Crypto Audit Project) http://bits.blogs.nytimes.com/2014/04/24/companies-back-initiative-to-support-openssl-and-other-open-source-projects/ 104 comments 6/6/2014 linux

OpenSSH No Longer Has To Depend On OpenSSL http://it.slashdot.org/story/14/04/30/1822209/openssh-no-longer-has-to-depend-on-openssl 13 comments 30/4/2014 linux

OpenSSH 6.5 Released http://www.openssh.org/txt/release-6.5 17 comments 31/1/2014 linux

OpenBSD (developers of OpenSSH, OpenSMTPD, pf) - "(we) will shut down if we do not have the funding to keep the lights on" http://marc.info/?l=openbsd-misc&m=138972987203440&w=2 515 comments 15/1/2014 linux

OpenSSH Security Advisory http://www.openssh.com/txt/gcmrekey.adv 3 comments 8/11/2013 sysadmin

my OpenSSH AuthorizedKeysCommand script http://blather.michaelwlucas.com/archives/1562 5 comments 2/3/2013 sysadmin

SSH Mastery, a new book covering OpenSSH and SSH in detail released http://undeadly.org/cgi?action=article&sid=20120510051910 3 comments 15/5/2012 linux

Security measures in OpenSSH [PDF] http://www.openbsd.org/papers/openssh-measures-asiabsdcon2007-slides.pdf 5 comments 31/1/2012 netsec

OpenSSH now with support for Elliptic Curve Cryptography http://marc.info/?l=openbsd-cvs&m=128325589424307 33 comments 31/8/2010 programming

[Full-disclosure] anti-sec: OpenSSH <= 5.2 zero day exploit code - 48 hours until it is publicly released! http://lists.grok.org.uk/pipermail/full-disclosure/2009-july/069752.html 13 comments 21/7/2009 netsec

Happy birthday, OpenSSH http://blogs.techrepublic.com.com/security/?p=295 19 comments 1/10/2007 programming