Before I forget...
Yesterday, #Fedora refused to boot on my machine
What happened?
I wanted to edit a video, so I installed #KDEnlive: 'start' menu, I type exactly that, it says 'get', Discover opens, I install it, apparently the package is native, which gives me confidence, I open the program and get frustrated at not being able to quickly do what I had in mind, I reboot the PC into Windows so my partner can use it
When I come back, it boots, #Plymouth screen, it finishes starting up and there's a static terminal cursor
The login screen doesn't appear
Weird
I had forgotten that I'd installed that editor, it wasn't relevant
It was
I reboot into Fedora recovery, shell, uninstall the #Nvidia drivers (thinking that was it), reboot, it boots in low resolution, kind of ugly, but nothing, still the same
Back to rescue, I uninstall KDEnlive, reboot, nothing
I exhausted my searches on #Searx, the same things as always come up: #grub this, Nvidia that, maybe secure boot, check the logs, reformat, everything except what's happening to me
Hot sweat (from the heat) inhabits my skin
Reinstalling everything again (I thought)
I boot again, static cursor, stuck right there
It occurs to me to #SSH into it from my phone
Shell as root or my user, I take a deep breath (so there was a system, just no login screen)
I check the boot logs, plymouth ok, everything ok, except... #sddm, 'Unknown Symbol on bla bla bla'
My chicken-breast brain makes the connection
Discover surely updated a dependency to install that lousy editor and something broke; yes, it did
Why did it happen? Well, I use Fedora 42, and I haven't (hadn't) updated since January, since I bought my RTX5070 Ti graphics card; I left it like that because at the time there was only #CUDA support for 42, so I decided not to update anything so as not to break anything, and it had worked well for me
Until yesterday
So, taking advantage of the shell over SSH, a dnf upgrade took care of updating everything, 16GB of overdue updates
Reboot, login at last!
I proceed to reinstall the video drivers, reboot again, it boots fine
And so ends a scare, an oversight, or whatever it was
But something strange happened
During the upgrade, lousy firefox came back and chromium-browser went away; I also need an explanation of why that happened; luckily doing the reverse worked, and I didn't lose my profiles from the sterilized chrome
Well folks, sometimes Fedora (Discover) does weird things, opaque to the user; second and last time I use a GUI to install software, and in a hurry...
The end.
#Linux #Historia #MePasó #Debug
Just realized that PAM was allowing #SSH to fall back to #passwords even though I thought I had password #authentication turned off in the config. Fixed, but annoying. Makes me wonder what other issues might be lurking in my other /etc configs.
Masto, I need advice.
My #ssh server asks me for my key's passphrase every time. There must be something I'm missing. A setting in ssh-config or sshd_config (I'm running #openssh
boosting makes my moustache grow!
Most KVM solutions stream video. That means any automation script — or AI agent — has to deal with pixels.
Mine streams the BIOS as plain text over SSH.
Structured output. JSON-parseable. Color metadata included.
An agent can:
Read BIOS state
Check for errors
Navigate menus
Inject keystrokes
No vision model needed. Just text.
crowdsupply.com/usbridge-technologies/usbridge-kvm-2-0
#homelab #KVM #sysadmin #AI #automation #ssh #openhardware
How to set up a self-hosted #git server at home using just #cli and #ssh, without using #gitea or #gogs, so you can migrate your personal projects away from #Bitbucket or #github or #gitlab https://vikaskumar.org/2026/05/01/setup-self-hosted-git-server.html
Waypipe in Action: Wayland Remote GUI Over SSH
https://watch.linuxrenaissance.com/w/mny2YtaPwvk9w3ZBMHE5md
Analysis of Attack Activities Using SSH+TOR Tunnels to Achieve Covert Persistence
APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage operations. The organization recently deployed malicious campaigns using nested SSH and TOR tunnel infrastructure to establish covert remote access channels. Attackers distribute ZIP archives containing weaponized LNK files via spearphishing emails, which extract and execute payloads that create scheduled tasks disguised as legitimate software. The attack establishes dual-encrypted anonymous tunnels using obfs4 protocol to bypass deep packet inspection, while mapping sensitive ports (SMB/445, RDP/3389) to Onion domains for persistent backdoor access. The campaign leverages sophisticated anti-analysis techniques including sandbox detection, file disguise, and process masquerading to evade detection and maintain long-term unauthorized control over compromised systems for intelligence collection.
Pulse ID: 69f1f50a5410ca637c84368c
Pulse Link: https://otx.alienvault.com/pulse/69f1f50a5410ca637c84368c
Pulse Author: AlienVault
Created: 2026-04-29 12:09:46
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#BackDoor #CyberSecurity #Email #Espionage #InfoSec #LNK #OTX #Onion #OpenThreatExchange #Phishing #RAT #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #ZIP #bot #AlienVault
Supply Chain Attack Hits SAP CAP and Cloud MTA npm Packages
Multiple npm packages in the SAP JavaScript and cloud application development ecosystem were compromised in a suspected supply chain attack. Affected packages include mbt@1.2.48, @cap-js/db-service@2.10.1, @cap-js/postgres@2.2.2, and @cap-js/sqlite@2.2.2. The compromised versions introduced malicious preinstall scripts that download and execute Bun binaries from GitHub, then run heavily obfuscated payloads designed to harvest credentials from developer machines and CI/CD environments. The payloads steal SSH keys, cloud credentials, npm tokens, GitHub access, cryptocurrency wallets, and CI/CD secrets directly from runner memory. Stolen data is encrypted and exfiltrated via GitHub repositories created under victim accounts. The malware also attempts self-propagation by injecting itself into additional packages using stolen npm tokens and establishes persistence through VSCode and Claude IDE configurations.
Pulse ID: 69f29e7de2c7e622090df108
Pulse Link: https://otx.alienvault.com/pulse/69f29e7de2c7e622090df108
Pulse Author: AlienVault
Created: 2026-04-30 00:12:45
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#Cloud #CyberSecurity #ELF #GitHub #InfoSec #Java #JavaScript #Mac #Malware #NPM #OTX #OpenThreatExchange #RAT #SQL #SSH #SupplyChain #bot #cryptocurrency #AlienVault
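A lockfile check for the four versions named in the pulse above, as an added example that is not part of the pulse: it walks the `packages` map of a package-lock.json (lockfileVersion 2 or 3 layout, including nested `node_modules` paths) and reports entries pinned to one of those versions, along with whether npm recorded an install script for them. The sample lockfile is constructed.

```python
import json

# Package versions named in the pulse above.
AFFECTED = {
    "mbt": {"1.2.48"},
    "@cap-js/db-service": {"2.10.1"},
    "@cap-js/postgres": {"2.2.2"},
    "@cap-js/sqlite": {"2.2.2"},
}


def find_affected(lock_text):
    """Return sorted (path, name, version, has_install_script) tuples."""
    lock = json.loads(lock_text)
    hits = []
    for path, meta in lock.get("packages", {}).items():
        if not path:  # "" is the root project itself
            continue
        # The package name is whatever follows the last "node_modules/".
        name = meta.get("name") or path.rpartition("node_modules/")[2]
        version = meta.get("version")
        if version in AFFECTED.get(name, ()):
            # hasInstallScript is set by npm when the package declares
            # preinstall/install/postinstall scripts.
            flagged = bool(meta.get("hasInstallScript"))
            hits.append((path, name, version, flagged))
    return sorted(hits)


# Constructed sample lockfile: two affected entries (one nested), two clean.
SAMPLE_LOCK = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app", "version": "0.0.1"},
        "node_modules/mbt": {"version": "1.2.48", "hasInstallScript": True},
        "node_modules/@cap-js/sqlite": {"version": "2.2.1"},
        "node_modules/app/node_modules/@cap-js/postgres": {
            "version": "2.2.2", "hasInstallScript": True},
        "node_modules/left-pad": {"version": "1.3.0"},
    },
})
```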
Soon we’re introducing a new licensing and versioning model for Royal TS, Royal TSX, Royal Server, and the upcoming Royal Connect product line! 🙌🏼 🚀 Check out all details in our Blogpost: https://www.royalapps.com/blog/licensing-and-versioning
#devops #itadmin #remotemanagement #RDP #msrdp #remotedesktop #azure #bastion #SSH #terminal #VNC

Attack Activity Analysis Using SSH+TOR Tunnels for Covert Persistence
Pulse ID: 69f2df2368a2723f9d197508
Pulse Link: https://otx.alienvault.com/pulse/69f2df2368a2723f9d197508
Pulse Author: Tr1sa111
Created: 2026-04-30 04:48:35
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #OTX #OpenThreatExchange #SSH #bot #Tr1sa111
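Analysis of attack activity in which the suspected APT-C-13 (Sandworm) group uses SSH+TOR tunnels to achieve covert persistence - Security News - 360 official website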
Pulse ID: 69f1f472cc1acc636d7983ef
Pulse Link: https://otx.alienvault.com/pulse/69f1f472cc1acc636d7983ef
Pulse Author: CyberHunter_NL
Created: 2026-04-29 12:07:14
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #InfoSec #OTX #OpenThreatExchange #SSH #Sandworm #Worm #bot #CyberHunter_NL
Attack Activity Analysis Using SSH+TOR Tunnels for Covert Persistence
APT-C-13 (Sandworm), also known as FROZENBARENTS, is a state-sponsored advanced persistent threat group conducting global cyber espionage targeting government agencies, diplomatic departments, energy enterprises, and research organizations. Recently detected samples reveal the group's use of nested SSH and TOR tunnel architecture to establish covert communication channels. The attack begins with spear-phishing emails delivering malicious LNK files disguised as PDF documents. Upon execution, the payload deploys TOR hidden services mapping internal ports (SMB/445, RDP/3389) to onion domains, while SSH services with public key authentication provide encrypted remote access. The malware employs obfs4 protocol to obfuscate TOR traffic, evading deep packet inspection. Persistence is achieved through scheduled tasks masquerading as legitimate applications like Opera GX and Dropbox, establishing an anonymous shadow management infrastructure for sustained intelligence collection.
Pulse ID: 69f06b1eeeb1fca735cb0bb8
Pulse Link: https://otx.alienvault.com/pulse/69f06b1eeeb1fca735cb0bb8
Pulse Author: AlienVault
Created: 2026-04-28 08:09:02
Be advised, this data is unverified and should be considered preliminary. Always do further verification.
#CyberSecurity #Dropbox #Email #Espionage #Government #InfoSec #LNK #Malware #OTX #Onion #OpenThreatExchange #Opera #PDF #Phishing #RDP #SMB #SSH #Sandworm #SpearPhishing #Worm #bot #AlienVault