Collaborate Disseminate
I decided to move to self-hosting because it is cheaper.
What I want to host:
My personal website
Some apps for fun
Maybe later a Honeypot
I have my old laptop acting as the main host. It has Ubuntu installed with virtualbox.
What I plan… Continue reading Port knocking through NAT for self-hosted server
I use a passphrase on my SSH key used for git. I wanted to be able to use the same git for a few scripts I run to clone/pull a bunch of my repos.
I discovered that I don’t have to repeatedly enter my passphrase if I configure my system to … Continue reading Is using OpenSSH Authentication Agent on Windows 11 a secure practice?
I am a beginner trying to learn Linux from Tryhackme’s Linux Fundamentals. I ran out of time on the attack box and have been trying to connect to my active machine using a vpn over OpenVPN Connect. Unfortunately, I am stuck with a connecti… Continue reading SSH Connection Timed Out – TryHackMe Linux Walkthrough [closed]
This week, we finally get the inside scoops on some old stories, starting with the Bitwarden Windows Hello problem from last year. You may remember, Bitwarden has an option to …read more Continue reading This Week in Security: Bitwarden, Reverse RDP, and Snake
I wanted to connect to HTB Pwnbox via SSH
ssh htb-student@10.129.140.100
but it gives the following message
ssh: connect to host [host name] port 22: Connection timed out
I don’t know what’s wrong because I followed all the instructions … Continue reading Cannot connect to HTB via SSH, connection timed out [closed]
I use two computers every day, my home server which is a desktop system and my laptop. Both systems run xubuntu and, being mostly a command line user, I use ssh to connect between the systems, to connect to various headless Raspberry Pis … Continue reading Security on home system – ssh keys etc
It’s not every day we get to take a good look inside a high-level exploit chain developed by an unnamed APT from the western world. But thanks to some particularly …read more Continue reading This Week in Security: Triangulation, ProxyCommand, and Barracuda
There have recently been several reported security issues with OpenSSH (Terrapin, double-frees, remote execution, X11 forwarding vulnerabilities..). How safe is it for a server to expose OpenSSH (using public key authentication) to the int… Continue reading How safe is it to run an un unpatched, internet-exposed OpenSSH service?
If I have a system where I have 100% control over the client operating system and the server operating system, is there any use case for enabling more than one cipher suite (or any of the options that something like openssl will let you co… Continue reading If I control both sides of a connection, is there any reason to support alternate cipher suites?
Security researchers have discovered a vulnerability (CVE-2023-48795) in the SSH cryptographic network protocol that could allow an attacker to downgrade the connection’s security by truncating the extension negotiation message. The Terrapin atta… Continue reading SSH vulnerability exploitable in Terrapin attacks (CVE-2023-48795)