Encrypting SSH host keys
Do we have any standard way to encrypt SSH host keys (like /etc/ssh/ssh_host_rsa_key) on system? If no, than would like to know reason behind storing it in plaintext.
Category Archives: OpenSSH
Why are SSH host keys stored un-encrypted?
Do we have any standard way to encrypt SSH host keys (like /etc/ssh/ssh_host_rsa_key)? If not, why is it stored in plaintext? Isn’t it sensitive information?
Microsoft Adding a Built-in OpenSSH Client to Windows 10
Windows is finally getting a built-in OpenSSH client and you can get it right now in the Fall Creators Update.
The post Microsoft Adding a Built-in OpenSSH Client to Windows 10 appeared first on Thurrott.com.
Continue reading Microsoft Adding a Built-in OpenSSH Client to Windows 10
How is it possible to set a test environment with Open_SSH 6 and ISC BIND 8? [migrated]
I want a virtual machine environment with obsolete versions of software Open_SSH and ISC BIND (Open_SSH 6 and ISC BIND 8).
I have tried to install these specific software versions on Ubuntu Server 16.04 but it is not possibl… Continue reading How is it possible to set a test environment with Open_SSH 6 and ISC BIND 8? [migrated]
SFTP Group based access control
I’m attempting to set up an SFTP Server for our company. From what I was reading, regarding sshd_config, if I have several “Match group” directives, a user can match multiple of those to be able to access both sets of folders… Continue reading SFTP Group based access control
SFTP Group based access control
I’m attempting to set up an SFTP Server for our company. From what I was reading, regarding sshd_config, if I have several “Match group” directives, a user can match multiple of those to be able to access both sets of folders… Continue reading SFTP Group based access control
Limit on modulus lines in OpenSSH /etc/ssh/moduli file?
I understand that OpenSSH server looks in /etc/ssh/moduli and picks a modulus at random for each Diffie-Hellman group exchange. What I am wondering is whether there is a practical limit on how many modulus lines can be in th… Continue reading Limit on modulus lines in OpenSSH /etc/ssh/moduli file?
How to exploit Shellshock in OpenSSH using TERM environment variable?
According to Nessus there is a host vulnerable to ShellShock:
Nessus was able to set the TERM environment variable used in an SSH
connection to :
() { :;}; /usr/bin/id > /tmp/nessus.150
and read the output from the file :
uid=1000(admin) gid=1000(admin) groups=1000(admin)....
I am unable to manually exploit the same.
I tried setting the TERM variable to “() { :;}; /usr/bin/id > /tmp/nessus.150” using export command. I also tried to search for any POC but couldnt find any.
OpenSSH version: 6.6.1 p1
Continue reading How to exploit Shellshock in OpenSSH using TERM environment variable?
How to prevent sharing SSH private keys by email
Is it possible to prevent the sharing of SSH private keys over email (Outlook, in particular), both within and outside of the organisation?
Continue reading How to prevent sharing SSH private keys by email
Security benefit of hadware backed host keys for OpenSSH
There was recently a “two for the price of one” deal on the Yubikey 4 and now I have too many of them. 😀
This got me thinking about things to do with them, more or less usefull. Of course I already use the smart card featur… Continue reading Security benefit of hadware backed host keys for OpenSSH