Skip to main content

Search

Items tagged with: openSSH


SO when the #accessibility testing, advocating and fixing becomes a bit much it can be rather cathartic to, rather than take " we'll maybe at some point get to this eventually possibly maybe" , you just fireball your obstacles out of existence.
I do gaming stoofs too on this tiny little #twitch channel simply called Zersiax, and will be checking out some #diabloIV over there in half an hour. If the new #openSSH vuln is making you sad or the ladybird dev's got you down on your luck, come see stuff getting exploded, it helps, I promise :) See you then, over at https;//twitch.tv/zersiax #selfPromo #gaming #noTechStuffForAChange


Excellent summary by Solar Designer on oss-security of what's happened in the last two weeks in response to the #xz #backdoor:

openwall.com/lists/oss-securit…

Noteworthy:
- #OpenSSH implemented systemd notification
- #systemd moves to dlopen(3) for some dependencies
- another detailed timeline at research.swtch.com/xz-timeline
- similar social engineering takeover attempts suspected in #OpenJS and #OpenSSF


We have just issued the first #release of #sshd-openpgp-auth and #ssh-openpgp-auth.

Using this server and client-side tooling it is possible to manage the #authentication of #SSH host keys with the help of an #OpenPGP certificate as trust anchor.

crates.io/crates/sshd-openpgp-…

crates.io/crates/ssh-openpgp-a…

Many thanks to @wiktor for the great collaboration and #NLnet / #NGIAssure for funding this work!

#DNS #KeyOxide #KnownHosts #OpenSSH #Rustlang #Software #WebKeyDirectory #WebOfTrust #WKD #WoT