Yorgos Saslis<p>Fellow <a href="https://chaos.social/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> users ! I need your help! </p><p>Context: More and more people are trying out <span class="h-card" translate="no"><a href="https://toot.radicle.xyz/@radicle" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>radicle</span></a></span> as a <a href="https://chaos.social/tags/decentralized" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>decentralized</span></a> <a href="https://chaos.social/tags/GitHub" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>GitHub</span></a> alternative. </p><p><a href="https://chaos.social/tags/Radicle" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Radicle</span></a> has a different identity system than Microsoft's, so when moving projects over to Radicle it is important to know which GH user the Radicle projects belong to. </p><p>What would be a way you would use to link your Radicle and GitHub identities?</p><p>(Radicle identity is based on <a href="https://chaos.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a> keys, specifically `did:key`).</p><p>Boosts for reach - appreciated.</p>
Recent searches
No recent searches
Search options
Only available when logged in.
helvede.net is one of the many independent Mastodon servers you can use to participate in the fediverse.
Velkommen til Helvede, fediversets hotteste instance! Vi er en queerfeministisk server, der shitposter i den 9. cirkel.
Welcome to Hell, We’re a DK-based queerfeminist server.
Read our server rules!
Administered by:
Server stats:
159active users
helvede.net: About · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#ssh
4 posts · 4 participants · 1 post today
The New Oil<p>Critical <a href="https://mastodon.thenewoil.org/tags/Erlang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Erlang</span></a>/OTP <a href="https://mastodon.thenewoil.org/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a> RCE bug now has public exploits, patch now</p><p><a href="https://www.bleepingcomputer.com/news/security/public-exploits-released-for-critical-erlang-otp-ssh-flaw-patch-now/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/public-exploits-released-for-critical-erlang-otp-ssh-flaw-patch-now/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
menschenfreund<p>Funny, how a lot of people claim you can put ssh_keys: into the users: module in <a href="https://hessen.social/tags/cloudinit" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cloudinit</span></a> <br><a href="https://hessen.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a></p>
stfn :raspberrypi: :python:<p>Random useful linux CLI thing I just learnt.</p><p>If you don't want to see all that lengthy text after sshing to a machine, just do</p><p>touch ~/.hushlogin</p><p>(This command creates an empty file ".hushlogin" in your user home directory)</p><p>on the machine you are sshing to. Now there won't be any welcome messages to clutter your terminal, just a prompt.</p><p><a href="https://fosstodon.org/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://fosstodon.org/tags/bash" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bash</span></a> <a href="https://fosstodon.org/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a></p>
The New Oil<p>Critical <a href="https://mastodon.thenewoil.org/tags/ErlangOTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ErlangOTP</span></a> <a href="https://mastodon.thenewoil.org/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a> pre-auth RCE is 'Surprisingly Easy' to exploit, patch now</p><p><a href="https://www.bleepingcomputer.com/news/security/critical-erlang-otp-ssh-pre-auth-rce-is-surprisingly-easy-to-exploit-patch-now/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">bleepingcomputer.com/news/secu</span><span class="invisible">rity/critical-erlang-otp-ssh-pre-auth-rce-is-surprisingly-easy-to-exploit-patch-now/</span></a></p><p><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a></p>
Alexandre Dulaunoy<p>we talk about ssh with <span class="h-card" translate="no"><a href="https://infosec.exchange/@jtk" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>jtk</span></a></span> and bam there is this</p><p><a href="https://vulnerability.circl.lu/vuln/CVE-2025-32433#sightings" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">vulnerability.circl.lu/vuln/CV</span><span class="invisible">E-2025-32433#sightings</span></a></p><p>“SSH server (Erlang) may allow an attacker to perform unauthenticated remote code execution (RCE).”</p><p>We should be careful when we talk.</p><p><a href="https://infosec.exchange/tags/vulnerability" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>vulnerability</span></a> <a href="https://infosec.exchange/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://infosec.exchange/tags/erlang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>erlang</span></a></p>
Royce Williams<p>Call for volunteer data:</p><p>Looking for real sets of hash-protected ssh <code>~/.ssh/known_hosts</code> files/records, to tune cracking attack stacks on. The bigger the better.</p><p>Requirements: the cipher type and the fingerprint are not needed -- just need the hash and salt (first couple of base64 fields). </p><p>Individual cracks won't be published. If you want your own cracks, strong proof of ownership required. DM me!</p><p><a href="https://infosec.exchange/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://infosec.exchange/tags/HashCracking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>HashCracking</span></a></p>
Carsten<p>Ich habe auf der Projektseite von ubuntuusers.de ein paar meiner Programme mal kurz vorgestellt. Vielleicht kann das eine oder andere Programm jemand von Euch ja gebrauchen.</p><p><a href="https://forum.ubuntuusers.de/topic/kleine-helferlein/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">forum.ubuntuusers.de/topic/kle</span><span class="invisible">ine-helferlein/</span></a></p><p><a href="https://nrw.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://nrw.social/tags/bash" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bash</span></a> <a href="https://nrw.social/tags/shell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>shell</span></a> <a href="https://nrw.social/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>programming</span></a> <a href="https://nrw.social/tags/coding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>coding</span></a> <a href="https://nrw.social/tags/python" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>python</span></a> <a href="https://nrw.social/tags/backup" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>backup</span></a> <a href="https://nrw.social/tags/git" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>git</span></a> <a href="https://nrw.social/tags/github" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>github</span></a> <a href="https://nrw.social/tags/codeberg" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>codeberg</span></a> <a href="https://nrw.social/tags/server" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>server</span></a> <a href="https://nrw.social/tags/mount" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mount</span></a> <a href="https://nrw.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://nrw.social/tags/repository" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>repository</span></a></p>
Ben S.<p>In case anyone is wondering why <a href="https://mastodon.sdf.org/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> (<a href="https://mastodon.sdf.org/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a>) is failing silently on <a href="https://mastodon.sdf.org/tags/msys2" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>msys2</span></a> - seems they pushed out a version that depends on an msys2 runtime version that's stuck in some kind of release queue: <a href="https://github.com/msys2/MSYS2-packages/issues/5320" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/msys2/MSYS2-package</span><span class="invisible">s/issues/5320</span></a></p>
Iain Cuthbertson<p>For your personal system hopping and coding - how many <a href="https://mendeddrum.org/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a> keys do you use?</p>
Senioradmin<p><a href="https://social.tchncs.de/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> 9.8 und höher kommt allmählich auf die Server. Da wird die Option PerSourcePenalties interessant (siehe <a href="https://undeadly.org/cgi?action=article;sid=20240607042157" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">undeadly.org/cgi?action=articl</span><span class="invisible">e;sid=20240607042157</span></a> ) die fail2ban u.ä. überflüssig machen könnte.</p><p>Konfig-Beispiele sind aber noch rar gesät. Nach der manpage zu urteilen, sollte aber </p><p>PerSourcePenalties authfail:3600s</p><p>dafür sorgen dass IPs, die Brute-Force Attacken fahren für 1 Stunde geblockt werden, korrekt? </p><p><a href="https://social.tchncs.de/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a></p>
Peter N. M. Hansteen<p>OpenSSH 10.0 Released <a href="https://www.undeadly.org/cgi?action=article;sid=20250410053152" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">undeadly.org/cgi?action=articl</span><span class="invisible">e;sid=20250410053152</span></a> <a href="https://mastodon.social/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openbsd</span></a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> <a href="https://mastodon.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networking</span></a> <a href="https://mastodon.social/tags/development" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>development</span></a> <a href="https://mastodon.social/tags/newrelease" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>newrelease</span></a> <a href="https://mastodon.social/tags/devops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>devops</span></a> <a href="https://mastodon.social/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sysadmin</span></a> <a href="https://mastodon.social/tags/freesoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>freesoftware</span></a> <a href="https://mastodon.social/tags/libresoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>libresoftware</span></a></p>
Tomáš<p><a href="https://merveilles.town/tags/unix_surrealism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>unix_surrealism</span></a> <a href="https://merveilles.town/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openbsd</span></a> <a href="https://merveilles.town/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> <a href="https://merveilles.town/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://merveilles.town/tags/comic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>comic</span></a> <a href="https://merveilles.town/tags/runbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>runbsd</span></a> <a href="https://merveilles.town/tags/fish" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fish</span></a> <a href="https://merveilles.town/tags/puffy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>puffy</span></a></p>
Tomáš<p><a href="https://merveilles.town/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openbsd</span></a> <a href="https://merveilles.town/tags/unix_surrealism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>unix_surrealism</span></a> <a href="https://merveilles.town/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a></p>
stib<p>If I have a <a href="https://aus.social/tags/codeberg" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>codeberg</span></a> account set up, with a verified <a href="https://aus.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> key on my account and the corresponding public and private keys in `~/.ssh/`, is there a way that I can make it so that it doesn't ask me for my keyphrase every time I push? I'm sure VSCode could do this, but since I've switched to <a href="https://aus.social/tags/Helix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Helix</span></a>, which doesn't have git built-in I've been manually doing the git stuff.<br>My knowledge of <a href="https://aus.social/tags/cryptography" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cryptography</span></a> and <a href="https://aus.social/tags/git" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>git</span></a> are well and truly at the 'barely enough to get myself into trouble' level.<br><a href="https://aus.social/tags/AskFedi" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>AskFedi</span></a></p>
benda<p>i need some guidance from all you smarties out there on the fedi.<br>i have headless <a href="https://kolektiva.social/tags/debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>debian</span></a> server.<br>no remote root login, but sudo user is available.<br>trying to run "shred" command on a few HDDs. <br>obviously this is a very time consuming process. <br>how can I initiate this process via <a href="https://kolektiva.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a> and logout of the pty without killing the shred process? </p><p><a href="https://kolektiva.social/tags/fedihelp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fedihelp</span></a> <a href="https://kolektiva.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://kolektiva.social/tags/server" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>server</span></a></p>
Jérémy Lecour<p>Intéressante technique pour l’authentification <a href="https://mastodon.evolix.org/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a> basée sur des clés récupérées dynamiquement : <a href="https://jpmens.net/2025/03/25/authorizedkeyscommand-in-sshd/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jpmens.net/2025/03/25/authoriz</span><span class="invisible">edkeyscommand-in-sshd/</span></a> <a href="https://mastodon.evolix.org/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sysadmin</span></a></p>
Martin<span class="h-card"><a href="https://mstdn.social/users/rysiek" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@rysiek@mstdn.social</a></span><br>I have long random passwords generated by <a href="https://social.mdosch.de?t=pass" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pass</a>. Those are <a href="https://social.mdosch.de?t=pgp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#pgp</a> encrypted and synced via <a href="https://social.mdosch.de?t=ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#ssh</a> and version controlled by <a href="https://social.mdosch.de?t=git" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#git</a>.<br>I never switched to passkeys.<br>For <a href="https://social.mdosch.de?t=xmpp" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#xmpp</a> I use <a href="https://social.mdosch.de?t=fast" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#fast</a> which is sort of the same as passkey.<br><span class="h-card"><a href="https://relay.infosec.exchange/actor" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@relay@relay.infosec.exchange</a></span><br>
OOTS<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@andreasdotorg" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>andreasdotorg</span></a></span> <span class="h-card" translate="no"><a href="https://mastodon.social/@redknight" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>redknight</span></a></span> <br>Reasonably secure against US law enforcement forcing a company to surrender data from their servers? Or reasonably secure against a security service MitM-ing your traffic via a forged TLS-certificate? Or reasonably secure against a security service buying a few 0-days and targetting your admin via that? Or reasonably secure against a security service compromising some library in your software supply chain (as in <a href="https://infosec.exchange/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a>, <a href="https://infosec.exchange/tags/xzutils" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>xzutils</span></a> )?</p><p>There are so many attack vectors for someone with skills and resources...</p>
Carsten<p>On/Off-Skript zum Einbinden entfernter Server mit sshfs. Mit yad-Menü und optionaler systemd-Unterstützung.</p><p><a href="https://codeberg.org/CarstenHa/mntmysrvr" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">codeberg.org/CarstenHa/mntmysr</span><span class="invisible">vr</span></a></p><p><a href="https://nrw.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://nrw.social/tags/shell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>shell</span></a> <a href="https://nrw.social/tags/bash" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>bash</span></a> <a href="https://nrw.social/tags/coding" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>coding</span></a> <a href="https://nrw.social/tags/programming" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>programming</span></a> <a href="https://nrw.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://nrw.social/tags/sshfs" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sshfs</span></a> <a href="https://nrw.social/tags/mntmysrvr" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mntmysrvr</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload