askubuntu (@askubuntu@ubuntu.social)
Accidentally corrupted /bin/bash #commandline #server #bash #ssh
https://askubuntu.com/q/1564084/612
Show Original Post
solimanhindy (@solimanhindy@mastodon.lovetux.net)
A fun project about #Tron and #ssh
SSHTron is a multiplayer lightcycle game that runs through SSH.
https://github.com/zachlatta/sshtron
Show Original Post
data0 (@data0@indieweb.social)
A few years ago, I migrated my personal projects from #GitHub via self‑hosting (#Gitea, #Forgejo) to plain #SSH‑backed bare repositories and a read‑only web frontend (#cgit). What have I really lost?
I've lost much visibility, that's obvious. But I’ve also lost the low‑effort PRs, the hostile forks, and the hard to understand issues. For personal projects, that's a good trade‑off. The most important thing is to be able to link to a project and I still have that thanks to the #frontend.
[1/3]
Show Original Post
a_net_online (@a_net_online@techhub.social)
#TELNET #SSH #BBS #90s #GAMES #CHAT #ECHO
@codefenix
Echostats and scroller by Codefenix of Constructive Chaos BBS - https://ConChaos.Synchro.net
&
A-Net Door Scores combined for an awesome message stats mod!
Telnet / SSH
ConChaos.Synchro.net - 23 / 22
bbs.a-net.online - 1337 / 1338
Show Original Post
pitrh (@pitrh@mastodon.social)
Over at LinkedIn, somebody posted the results of putting a Linux server with sshd exposted to the internet for 30 days recently.
In that particular area, not much seems to have changed since the early years of this century when the events chronicled here https://nxdomain.no/~peter/hailmary_lessons_learned.html (or if you prefer Big G's trackers, https://bsdly.blogspot.com/2013/10/the-hail-mary-cloud-and-lessons-learned.html) occurred.
#ssh #passwordguessing #rootlogin #weakspaswords #passwordgroping #cybercrime
Show Original Post
habr (@habr@zhub.link)
Как одна форма обратной связи привела к компрометации helpdesk-учетки банка
Всем привет! Меня зовут Игорь Панарин, я же m0nr0e21 . Руковожу направлением анализа защищённости инфраструктуры в Дирекции по информационной безопасности РАНХиГС. Мы работаем с распределённой инфраструктурой: офисы, филиалы, ЦОДы — много площадок и зон ответственности. В такой среде важно не просто находить уязвимости, а наводить порядок в процессах, выстраивать понятное управление и делать безопасность системной, а не точечной. В этой статье я разберу, как проходил взлом банковского сегмента на полигоне Standoff Hackbase, какие векторы атак сработали и какие практические выводы из этого стоит сделать специалистам по безопасности. Мы делаем большую системную работу — и иногда полезно выйти «в поле», чтобы убедиться, что защита действительно готова к бою.
https://habr.com/ru/companies/pt/articles/996352/
#helpdesk #blueteam #standoff #hackbase #rdp #ssh #безопасность_вебприложений #банк #кибератаки #уязвимости_и_их_эксплуатация
Show Original Post
r (@r@social.uninformation.net)
LOL, #ssh grüßt neuerdings mit:
WARNING: connection is not using a post-quantum key exchange algorithm.
Bis H4x0rG1rl2342 einen Quantencomputer verfügbar haben wird, wird das Server-OS diverse Male aktualisiert worden sein und damit kommt die "quantensichere" SSH-Version automatisch ins Haus. So eine Meldung verunsichert nur "normale" Leute die sich einloggen. #linux #debian
Abschalten:
In .ssh/config unter Host * Option WarnWeakCrypto no hinzufügen.
Show Original Post
notes (@notes@edmontonian.social)
I thought it was okay to publicly share the public part of asymmetric key-pairs (as in SSH and PGP keys). But recently I heard that we should protect public keys.
Is it safe to publicly share public part of our asymmetric key pairs?
#SSH #PGP #AsymmetricEncryption
Show Original Post
d1cor (@d1cor@mstdn.io)
Claramente no todo se puede hacer con #SSH 😜
Acá probando "sudo sshd -t" para verificar la sintaxis del archivo de configuración del servidor.
Se viene nuevo contenido en #JuncoTIC, se nota? 😉
#gnu #linux #openssh #sshd #humor #lol
Show Original Post
jaybrueder (@jaybrueder@hachyderm.io)
One clever method to deal with #ssh #bruteforce #bots is to first allow the connection and then sever it abruptly without a proper close. No FIN, no RST.
The bot will just sit there thinking it is still connected while you are actually not spending any resources at all.
Collective defense by means of the attacker's time being wasted!
Here is a neat project visualizing this on a globe:
https://github.com/djkurlander/knock-knock
Show Original Post
royalapps (@royalapps@dotnet.social)
Do you know how to import all your documents? 📑 Find out how here ➡️ https://docs.royalapps.com/r2023/royalts/advanced/import.html
#devops #itadmin #remotemanagement #RDP #remotedesktop #ssh #data
Show Original Post
jesterchen (@jesterchen@social.tchncs.de)
Once there was https://blog.stribik.technology/2015/01/04/secure-secure-shell.html, which was fine. Now there is https://infosec.mozilla.org/guidelines/openssh, which doesn't include a date of the last update* (except perhaps the copyright 2017).
Where can I find current recommended SSH settings, with post-quantum and stuff?
* Oh, how I loathe websites that don't add the dates of creation and/or last update!
Show Original Post