openssh-server post-installation script error (exit status 10) and SSH not working #apt #dpkg #openssh

https://askubuntu.com/q/1566463/612

Did a new release of ssh-tpm-agent.

https://github.com/Foxboron/ssh-tpm-agent/releases/tag/v0.9.0

`ssh-tpm-add` now supports `-c` for confirmation dialogs before key usage, along with a nice process chain. Thanks to @mic92

#TPM #Security #OpenSSH #SSH

🕵🏻‍♂️ [InfoSec MASHUP] - This week's news cycle handed us the usual parade of breaches, arrests, and patch-your-stuff urgency — but if you squint at the #Malware section long enough, a more uncomfortable story emerges. #SAP-related npm packages backdoored with a credential stealer. A popular #PyPI package hijacked via a forged signed release pushed through a compromised GitHub Actions workflow. Seventy-three "sleeper" extensions quietly sitting in #OpenVSX, waiting. The common thread: attackers aren't breaking down the front door anymore. They're walking in through the tools developers use every day, often with a valid signature and a clean commit history.

What makes this particularly fun — in the way a slow-motion disaster is fun — is that the blast radius isn't just the developer who ran pip install. It's every downstream user, every CI/CD pipeline, every AI coding agent that helpfully executed the preinstall hook without asking questions. The supply chain isn't a niche threat vector reserved for nation-state ops anymore. It's where commodity attackers are increasingly playing, because it scales beautifully and the detection gap remains embarrassingly wide.

→ Week #18/2026 also covers: Supply chain attackers found the path of least resistance, #OpenSSH patched a bug older than most junior devs, and #Europe is done pretending U.S. #cloud is a neutral choice.

Full issue 👉 https://infosec-mashup.santolaria.net/p/infosec-mashup-18-2026-shinyhunters-week-off-they-didn-t-take-one

If you find it useful, subscribe to get it in your inbox every weekend 📨 #infosecMASHUP #cybersecurity #infosec #threatintel #AI

Episode 27 of our technology podcast @RuntimeArguments (http://RuntimeArguments.fm) is up — "SSH and how we got here".

Jim @jammcq walks through SSH's three-decade arc — Tatu Ylönen's 1995 response to a campus password-sniffing attack, OpenSSH a few years later, and what's stayed essentially the same ever since — while Wolf @YesJustWolf pokes at what SSH actually does beyond remote login (file copy, secure tunnels, even X forwarding). They climb the authentication ladder from passwords to public keys to hardware-backed enclaves to certificates, with practical advice along the way: use ED25519, put passphrases on your keys, set the right file permissions, and turn off password auth.

As always, we want to know what you think:

[email protected]

https://www.buzzsprout.com/2469780/episodes/19106065

#SSH #OpenSSH #Cryptography #Security #DevOps #SysAdmin #Linux #ED25519 #Tailscale #Mosh #Podcast #TechPodcast

Masto besoin de conseil.
Mon serveur #ssh me demande à chaque fois la passphrase de ma key. Doit y avoir un truc que je loupe. Un paramètre de ssh-config ou de sshd_config (je tourne avec #openssh

le repouette me fait pousser la moustache !

EDIT : résolue ! merci masto !

📰 Decade-Old OpenSSH Flaw (CVE-2026-35414) Allows Full Root Access, Exploits Hard to Detect

🚨 CRITICAL: A 15-year-old flaw in OpenSSH (CVE-2026-35414) allows attackers to gain full root access. The bug is trivial to exploit and hard to detect in logs. Update to OpenSSH 10.3p1 immediately! 🛡️ #OpenSSH #CVE #Linux #CyberSecurity

🔗 https://cyber.netsecops.io

Génération NT: #OpenSSH : une faille de 15 ans offre un #accès #root total via une simple virgule

Découverte par les experts en #sécurité de l'entreprise Cyera, cette faille, classée comme un risque élevé avec un score CVSS (un système de notation de la gravité des failles) de 8.1, expose potentiellement un nombre incalculable de serveurs à une prise de contrôle totale. Le coupable ? Un simple signe de ponctuation

https://www.generation-nt.com/actualites/openssh-faille-vulnerabilite-virgule-root-acces-2074761