Collaborate Disseminate
I just know everyone is going to shout at me that public key is better but let me spell out the actual scenario first.
I have a small LAN at home, basically I’m the only regular user but other members of the family are connected occasional… Continue reading Relative security of ssh password and public key to remote systems
I recently recalled a memory of when I had once, a fair while ago, accidentally tried to login to the wrong (mistyped) SSH server, and it allowed me access without the correct credentials: null authentication.
I thought nothing of it at th… Continue reading Could there be a legitimate reason for a SSH server to allow null authentication, to anyone?
plink.exe -v -l root -pw toor -R 445:localhost:445 <My IP>
Looking up host "My IP" for SSH connection
Connecting to "My IP" port 22
We claim version: SSH-2.0-PuTTY_Release_0.81
Failed to connect to "My IP&qu… Continue reading Error connecting to SSH through plink.exe [closed]
I have a number of RHEL 8 and RHEL 9 systems with FIPS mode enabled. I’m trying to use a crypto subpolicy to disable CBC ciphers, but the subpolicy seems to be ignored in FIPS mode even though it is applied correctly.
The same subpolicy wo… Continue reading RHEL in FIPS mode ignores crypto subpolicy
I have setup an AlmaLinux9 server with SSHD. I have also generated a priv+pub key on my workstation, and when I check the algorithm used by my key it shows:
ssh-keygen -l -f myprivatekey.pem
2048 SHA256:p8qjW7xUG6CrB7I0edKIGoQarzHtTgqoHf7… Continue reading What encryption algorithm is putty using?
Does wrapping an SSH tunnel with a secondary SSL/TLS layer actually improve the security of the connection?
If not, does doing this make the connection less secure?
Why/ Why not?
Continue reading Does using an SSH tunnel over TLS improve security? [duplicate]
On my system (Ubuntu 22.04) I have encrypted my private key with a passphrase and added it to the ssh agent with ssh-add.
On use of the key, I am prompted with the option "Automatically unlock this key whenever I’m logged in".
In… Continue reading Auto-unlock private key: which implications?
What can you do with a cheap Linux machine with limited flash and only a single free GPIO line? Probably not much, but sometimes, just getting root to prove you …read more Continue reading Getting Root on Cheap WiFi Repeaters, the Long Way Around
Maybe it’s a bit of a dumb question, but at one point I had made an FTP server, and I learned that FTPS and FTPES are FTP over a TLS connection.
So I took a look at SSH expecting that it would be basically telnet over TLS, similar to how H… Continue reading Why wasn’t SSH implemented as just telnet over TLS? [closed]
runZero published new research on Secure Shell (SSH) exposures and unveiled a corresponding open-source tool, SSHamble. This tool helps security teams validate SSH implementations by testing for uncommon but dangerous misconfigurations and software bug… Continue reading SSHamble: Open-source security testing of SSH services