๐•‚๐šž๐š‹๐š’๐š”โ„™๐š’๐šก๐šŽ๐š•2d ago

Oh no, please don't tell me again that Linux is now insecure on the net?!

ยซLinux's Latest Vulnerability Allows Reading Root-Owned Files By Unprivileged Usersยป

โ›“๏ธโ€๐Ÿ’ฅ https://www.phoronix.com/news/Linux-ssh-keysign-pwn
โ›“๏ธโ€๐Ÿ’ฅ https://github.com/0xdeadbeefnetwork/ssh-keysign-pwn

#sshkeysignpwn #pwn #ssh #linux #0day #keysigning #sshkeys #itsecurity #itsec #itsecurity #zeroday

Linux's Latest Vulnerability Allows Reading Root-Owned Files By Unprivileged Users

Following Dirty Frag, Fragnesia, and other Linux kernel vulnerabilities making themselves known in recent days, the latest now is ssh-keysign-pwn.

N-gated Hacker NewsMay 4
๐ŸŽ‰ Oh joy, another tool to make deploying Kubernetes clusters as "easy" as pushing a button! Because clearly, the world needed another way to overcomplicate SSH with a dash of GitHub flair. ๐Ÿš€ Meanwhile, real engineers are busy trying to remember their SSH keys. ๐Ÿ™ƒ
https://github.com/alexellis/k3sup #KubernetesDeployment #SSHKeys #DevOps #Tools #Overcomplication #HackerNews #ngated
GitHub - alexellis/k3sup: bootstrap K3s over SSH in < 60s ๐Ÿš€

bootstrap K3s over SSH in < 60s ๐Ÿš€. Contribute to alexellis/k3sup development by creating an account on GitHub.

GitHub
N-gated Hacker NewsApr 16
๐Ÿ—๏ธ๐Ÿš€ Wow, riveting stuff! ๐ŸŽ‰ Cramming SSH keys into a TPM chip - because who doesnโ€™t want to spend their weekend deciphering tech mumbo jumbo? ๐Ÿ™„ Just what we needed, another thrilling chapter in the saga of โ€œSecure It Till It Hurts.โ€ ๐Ÿ”๐Ÿ’ฅ
https://raymii.org/s/tutorials/Put_your_SSH_keys_in_your_TPM_chip.html #SSHkeys #TPMtech #SecureItTillItHurts #TechMumboJumbo #WeekendHacking #HackerNews #ngated
Put your SSH keys in your TPM chip! - Raymii.org

13Apr 12
Authenticate SSH with Your TPM https://hackaday.com/2026/04/11/authenticate-ssh-with-your-tpm/
#LinuxHacks #SecurityHacks #Hardwaretoken #Ssh #Sshkeys #TPM
Authenticate SSH With Your TPM

You probably donโ€™t think about it much, but your PC probably has a TPM or Trusted Platform Module. Windows 11 requires one, and most often, it stores keys to validate your boot process. Most โ€ฆ

Hackaday
Hackaday [Unofficial]Apr 11

Authenticate SSH with Your TPM

https://fed.brid.gy/r/https://hackaday.com/2026/04/11/authenticate-ssh-with-your-tpm/

Authenticate SSH With Your TPM

You probably donโ€™t think about it much, but your PC probably has a TPM or Trusted Platform Module. Windows 11 requires one, and most often, it stores keys to validate your boot process. Most โ€ฆ

Hackaday
N-gated Hacker NewsJan 21
๐Ÿข Ah yes, the timeless art of turning tiny PCs into a "supercomputer" ๐Ÿค–, because who doesn't want to spend their weekend fiddling with SSH keys and pretending they're building Skynet? ๐Ÿ› ๏ธ Just remember, kids: #CV5 vs #CV10 is the Clash of Titans no one asked for! ๐Ÿ˜‚
https://www.kenkoonwong.com/blog/parallel-computing/ #tinyPCs #supercomputer #SSHkeys #Skynet #HackerNews #ngated
Setting Up A Cluster of Tiny PCs For Parallel Computing - A Note To Myself | Everyday Is A School Day

Enjoyed learning the process of setting up a cluster of tiny PCs for parallel computing. A note to myself on installing Ubuntu, passwordless SSH, automating package installation across nodes, distributing R simulations, and comparing CV5 vs CV10 performance. Fun project!

Everyday Is A School Day
mirabilos๐Ÿˆโ€โฌ›Sep 18, 2025

Anyone got an idea how to do this:

  • expose a user on a GNU/Linux system via ssh
  • allow two keys access
    • one is the โ€œselfโ€ key, which should be allowed as-is
    • the other is the โ€œexternalโ€ key, which triggers a password prompt
  • otherwise, password login is not permitted

I know how to do most things of this, but not all at once (AuthenticationMethods is permitted in a Match block, but we cannot match on keys, we want access to the same user, and the โ€œselfโ€ key can also be used (agent forwarding) from nลn-local addresses.

It seems like Iโ€™ll need a custom PAM module (arrrgh, I donโ€™t want to write one of these) that asks for the password if key B is used (does SSH expose this to PAM?).

Anyone got a better idea?

#ssh #openssh #sshkeys #pam

MITIM BlogJun 7, 2025
New post ๐Ÿ—๏ธ
Okay, here's the markdown version of your comprehensive guide to setting up SSH keys, formatted for readability.
https://www.mitim.net/2025/05/ssh-key-creation-and-usage?g=5
#SSH #Hardening #SSHkeys #CyberSecurity
N-gated Hacker NewsApr 14, 2025
๐Ÿš€โœจ Breaking news for the 2050s: SSH keys don't scale, and guess what? SSH certificates do! ๐ŸŽ‰ Apparently, the world is just waking up to this groundbreaking revelationโ€”only took a few decades. ๐Ÿ™„๐Ÿ”‘๐Ÿ”
https://infisical.com/blog/ssh-keys-dont-scale #SSHkeys #SSHcertificates #Cybersecurity #TechNews #Innovation #HackerNews #ngated
SSH Keys Don't Scale. SSH Certificates Do

Breaking down the limitations of SSH key-based authentication and showing how SSH certificates enable modern, manageable infrastructure access.

Infisical Blog
0hlov3Dec 29, 2024
๐Ÿ” Simplify your SSH workflow on KDE Plasma!

Learn how to use KDE Wallet and ksshaskpass for secure, seamless key management.

Read more on Medium: https://blog.schoenwald.aero/streamline-your-ssh-workflow-with-kde-plasmas-wallet-and-ksshaskpass-e22f49b6a07a

Suggestions for improvement are welcome, let's discuss!

#Linux #KDEPlasma #OpenSSH #SSHKeys #TechTips
Streamline Your SSH Workflow with KDE Plasmaโ€™s Wallet and ksshaskpass

In the world of secure communication, SSH (Secure Shell) is a cornerstone technology, enabling encrypted connections to remote servers. For KDE Plasma users, managing SSH keys and agents can be bothโ€ฆ

Medium