Hacker News with Generative AI: OpenSSH

OpenSSH Config Tags How To (mrod.space)
OpenSSH is one of my favorite pieces of software. I try to keep up with the new features and changes and noticed something interesting in the OpenSSH release notes for version 9.4 about config tags.
OpenSSH, Security, Configuration, Software, Linux
4 points by mritzmann 12 days ago | 0 comments
MitM attack against OpenSSH's VerifyHostKeyDNS-enabled client (marc.info)
We discovered two vulnerabilities in OpenSSH:
Security, OpenSSH, Vulnerability
6 points by birdculture 94 days ago | 0 comments
Some ways to restrict who can log in via OpenSSH and how they authenticate (utoronto.ca)
In yesterday's entry on allowing password authentication from the Internet for SSH, I mentioned that there were ways to restrict who this was enabled for or who could log in through SSH. Today I want to cover some of them, using settings in /etc/ssh/sshd_config.
Security, OpenSSH, Linux, SSH, Configuration
5 points by zdw 125 days ago | 0 comments
OpenSSH Keystroke Obfuscation Bypass (crzphil.github.io)
A disclosure for an OpenSSH keystroke obfuscation bypass affecting current OpenSSH versions after 9.4.
Security, OpenSSH, Vulnerability, Hacking
200 points by pabs3 255 days ago | 25 comments
Some thoughts on OpenSSH 9.8's PerSourcePenalties feature (utoronto.ca)
Security, OpenSSH, Networking
75 points by jandeboevrie 282 days ago | 80 comments
NetBSD Security Advisory 2024-002 – OpenSSH CVE-2024-6387 `regreSSHion' (netbsd.org)
Security, Operating Systems, OpenSSH, Vulnerabilities
3 points by lijunhao 314 days ago | 0 comments
CVE-2024-6409: OpenSSH: Possible remote code execution in privsep child (openwall.com)
Security, OpenSSH, Vulnerabilities
141 points by andreyv 318 days ago | 56 comments
RegreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems (qualys.com)
Security, Linux, OpenSSH
830 points by robinhoodexe 327 days ago | 338 comments
OpenSSH 9.8 (mindrot.org)
OpenSSH, Software, Security
17 points by frutiger 340 days ago | 2 comments