Collaborate Disseminate
I need help and a step-by-step guide how to setup SSH tunneled RDP from my Ubuntu (18.04) laptop to my Windows 10 desktop both across LAN and WAN. I have a hunch what to do in theory, but not in practice. I would prefer to use any FOSS sol… Continue reading How to harden RDP with SSH from Linux to Windows
When using OpenSSH server (sshd) we specify allowed ciphers, host key algorithms and MACs. Some of those ciphers have an email address appended, for example aes256-gcm@openssh.com as opposed to aes256-ctr. What is the meaning of that? I ch… Continue reading OpenSSH: Meaning of cipher with email address @openssh.com
I’ve been searching high and low, trying to find a easily digestible protocol flow of SSH v2.
Does anyone have any docs or, could someone give me an example flow?
I’m interested in the flow of the public key exchange, things like:
OpenSSH version 8.2 introduced support for FIDO/U2F hardware authenticators, via the new public key types “ecdsa-sk” and “ed25519-sk”.
I currently have SSH authentication set up in combination with gpg subkeys by using my security key in … Continue reading Benefit of using OpenSSH FIDO/U2F support over GPG mode?
DNSSEC is the system that allows for cryptographically secure DNS. It’s all based on a root cryptographic key, maintained by the Internet Assigned Numbers Authority (IANA). Ever wondered where the root Key Signing Key is stored, and how it’s accessed? Four times a year, a ceremony is held where the …read more
With the 8.2 release of OpenSSH, they have declared that ssh-rsa for SHA-1 will soon be removed from the defaults:
Future deprecation notice
It is now possible[1] to perform chosen-prefix attacks against the
SHA-1 hash algorithm for less … Continue reading OpenSSH declares ssh-rsa deprecated. What do I do next?
OpenSSH version 8.2 is out and the big news is that the world’s most popular remote management software now supports authentication using any FIDO (Fast Identity Online) U2F hardware token. Continue reading OpenSSH eases admin hassles with FIDO U2F token support
Here’s excellent news for sysadmins. You can now use a physical security key as hardware-based two-factor authentication to securely log into a remote system via SSH protocol.
OpenSSH, one of the most widely used open-source implementations of the Sec… Continue reading OpenSSH now supports FIDO U2F security keys for 2-factor authentication
I generated a key pair on Windows Server 2019 using the native ssh-keygen located in System32\OpenSSH.
Now I think the permissions of the private key are somewhat worrying…
Is it expected to have read-write-execute (700) for Administra… Continue reading Key Pair permission on Windows 2019
I am currently reading through Windows Event Log (OpenSSH) looking at the artefacts created by an attack, I am trying to understand the meaning of certain notifications.
A brute force attack was made by myself, from a Kali Linux machine … Continue reading Interpreting SSH information on Windows Event Viewer…. sshd: Did not receive identification string from ipaddress on port portnumber