New, dull, blogpost:

"Thoughts on increasing ssh security using a hardware security key"

No luck with a FOSS solution for Android yet :(

https://neilzone.co.uk/2026/04/thoughts-on-increasing-ssh-security-using-a-hardware-security-key/

#Linux #Android #ssh #cybersecurity #blob

OpenSSH 10.3/10.3p1 released! https://undeadly.org/cgi?action=article;sid=20260407084719 #openbsd #openssh #ssh #security #cryptography #networking

If you have got the following very specific thing to work, please let me know how!

ssh, using ed25519-sk or ecdsa-sk, with a YubiKey with FIDO2, on Android (specifically GrapheneOS), with a Free software client

My tinkering with termux has, so far, failed.

#ssh #yubikey #android #fido2 #grapheneos #termux

#Apple2 talking to my #Linux box over #SSH via the #FujiNet adapter, and the CaTer terminal program, which can connect to any supported network endpoint.

(more info at https://fujinet.online/)

#retrocomputing

Here's a #security question that's been bugging me for a few weeks now:

I'm a professor and there are #Windows PCs in the classrooms. Login in a controlled domain, users have no admin perms etc.

Sometimes I #ssh from these machines to my #Linux box at my office to show some numerical stuff to the class.

Which security practice is more reasonable? Keep a (passworded) key file in the windows machines and risk an (unlikely) extraction or login with a password and risk keylogging? #secops

snakes.run: rendering 100M pixels a second over ssh · eieio.games

https://eieio.games/blog/secure-massively-multiplayer-snake/

#gamedev #tui #ssh

Exosphere:

― aggregated patch and security update reporting
― basic system status across multiple Unix-like hosts via SSH

<https://exosphere.readthedocs.io/> | <https://github.com/mrdaemon/exosphere>

<https://untrusted.website/@mr_daemon/114980024541462116> @mr_daemon

<https://mastodon.social/@terminaltrove/114977286773333343> @terminaltrove

#Unix #Linux #BSD #FreeBSD #OpenBSD #Debian #Ubuntu #RedHat #macOS #Windows #SSH

Alt...

A frame from the animated demo at the Welcome page.

Why do I find #SSH authentication keys so difficult to implement?

The closest I have found to an idiot's guide didn't work and now I have messed with so many config files I will probably have to do a fresh install to have a chance.

Does anyone know of a really simple walk-through *which is not a YouTube video* and not about GitHub? Ideally for a #RaspberryPi 5 but Debian will do.

Please RT

Vivendo e aprendendo, temos que tirar o chapéu também para o pessoal do #OpenBSD que presenteia o mundo ao desenvolver essa maravilha.

#OpenSSH #SSH #blambers #TIL #softwareLivre #freeSoftware

Alt...

Hackerman - meme do seriado Mr. Robot - Eliot Alderson (Rami Malek) posa com cara de esperto e braços cruzados, vestindo sua blusa de moletom com gorro, e mochila, em montagem que lembra o vídeo Kung Fury com um fundo 3D colorido e, em primeiro plano, a palavra Hackerman em letras brilhosas

Espero que continue a ser mantido...

A alternativa que tenho usado em caso de segurança mais crítica é autossh, com o qual um multiplexador é ainda mais importante. Será que há outros projetos mais recentes semelhantes a mosh, talvez ainda com base em UDP? O que o pessoal recomenda nesse sentido?

🔗 mosh.org

CC: @manualdousuario@mastodon.social

#TerSoftware #blambers #shell #SSH

apt-listchanges: News

openssh (1:10.1p1-1) UNRELEASED; urgency=medium

OpenSSH 10.1p1 includes a number of changes that may affect existing configurations:

- ssh(1): add a warning when the connection negotiates a non-post quantum key agreement algorithm.

This warning has been added due to the risk of "store now, decrypt later" attacks. More details at https://openssh.com/pq.html

This warning may be controlled via a new WarnWeakCrypto ssh_config option, defaulting to on. This option is likely to control additional weak crypto warnings in the future.