ssh – Page 7 – WindowsTechs.com

Security Alert: Potential SSH Backdoor Via Liblzma

Posted on March 29, 2024 by Jonathan Bennett

In breaking news that dropped just after our weekly security column went live, a backdoor has been discovered in the xz package, that could potentially compromise SSH logins on Linux …read more Continue reading Security Alert: Potential SSH Backdoor Via Liblzma→

ssh-keygen fido2 keys without password

Posted on March 28, 2024 by cen

ssh-keygen -t ed25519-sk -O resident -C "yubikey-fido1

My understanding is that I should be able to generate openssh keys with fido2 without password and require touch-only. While that opens up a potential attack when both the device… Continue reading ssh-keygen fido2 keys without password→

MX Linux SSH folder in tmp directory [closed]

Posted on March 28, 2024 by Dustin LaRoche

Even though I don’t have SSH or OpenSSH installed on my machine, I noticed that I have the following directory ssh-XXXXXX2ivnoU in the tmp directory. Inside that directory is a file named agent.2640
What could be causing the creation of th… Continue reading MX Linux SSH folder in tmp directory [closed]→

Webserver Runs on Android Phone

Posted on March 28, 2024 by Bryan Cockfield

Android, the popular mobile phone OS, is essentially just Linux with a nice user interface layer covering it all up. In theory, it should be able to do anything a …read more Continue reading Webserver Runs on Android Phone→

Debain 12.4 server hacked via ssh pw login – what was it? [closed]

Posted on March 19, 2024 by Guido Berger

A few days ago may server was hacked and crashed via Out of memory.
In the auth.log i discovered my password as username. So my pw was stolen.
I got a lot of successful logins from many ips in my auth.log!
Source of my pw i guess:
I had s… Continue reading Debain 12.4 server hacked via ssh pw login – what was it? [closed]→

Openpubkey SSH workflow details

Posted on March 18, 2024 by ieggel

Currently looking into OpenPubKey and more specifically into OpenPubkey SSH:

https://github.com/openpubkey/openpubkey
https://docs.bastionzero.com/openpubkey-ssh

Terminology:

OPK => OpenPubkey
OIDC => OpenID Connect
OP => OpenI… Continue reading Openpubkey SSH workflow details→

Using AI to reduce false positives in secrets scanners

Posted on February 27, 2024 by Help Net Security

As development environments grow more complex, applications increasingly communicate with many external services. When a software development project communicates with an external service, it utilizes a token or “secret” for authentication…. Continue reading Using AI to reduce false positives in secrets scanners→

securely tunneling through a MITM proxy

Posted on February 21, 2024 by Aryeh Leib Taurog

I am wondering if there is a practical way to establish a secure, encrypted network connection through an MITM proxy given the ability to communicate secrets out-of-band with a second, external proxy. Let’s say the MITM is part of a corpo… Continue reading securely tunneling through a MITM proxy→

Port knocking through NAT for self-hosted server

Posted on February 4, 2024 by rudeus123

I decided to move to self-hosting because it is cheaper.
What I want to host:

My personal website
Some apps for fun
Maybe later a Honeypot

I have my old laptop acting as the main host. It has Ubuntu installed with virtualbox.
What I plan… Continue reading Port knocking through NAT for self-hosted server→

Port knocking through NAT for self-hosted server

Posted on February 4, 2024 by rudeus123

I decided to move to self-hosting because it is cheaper.
What I want to host:

My personal website
Some apps for fun
Maybe later a Honeypot

I have my old laptop acting as the main host. It has Ubuntu installed with virtualbox.
What I plan… Continue reading Port knocking through NAT for self-hosted server→