Mastodawn

https://github.com/OpenSC/OpenSC/wiki/Aladdin-eToken-PRO#etoken-pro-java #OpenSC : How to extract #SafeNet #eToken 5110 SC rsa pub key to using it with #OpenSsh : I figured out something that work, but is there a documentation to check or contribute to ?

```

pkcs11-tool --module $module --read-object --pin $PIN --type pubkey --id $id --output-file "$file.der"

openssl rsa -inform DER -outform PEM -in "$file.der" -pubin > "$file.pem"

ssh-keygen -f "$file.pem" -i -mPKCS8 > "$file.pub"

```

BTW FLOSS alt (without blob) welcome

Aladdin eToken PRO

Open source smart card tools and middleware. PKCS#11/MiniDriver - OpenSC/OpenSC

GitHub

Víctor Jiménez Cerrada 4d ago

Me encantó la charla de Manuel González Regal en la @rootedcon 2026. En ella presentó técnicas inéditas de persistencia en Linux.

Explicó, entre otras cosas, cómo abusar de opciones de configuración de OpenSSH.

Aquí mi resumen para Araintel:
https://araintel.com/articulos/manuel-gonzalez-regal-presenta-tecnicas-ineditas-de-persistencia-en-linux-en-la-rootedcon-2026/

#RootedCon #Ciberseguridad #OpenSSH

Manuel González Regal presenta técnicas inéditas de persistencia en Linux en la RootedCON 2026 | Araintel

En el segundo día de la RootedCon 2026, Manuel González Regal explicó en detalle varias técnicas de persistencia en Linux, muchas de las cuales han sido reportadas a MITRE ATT&CK pero no han sido publicadas todavía. La permanencia, un paso intermedio de un ciberataque. González comenzó repasando ciertos conceptos básicos de ciberseguridad. Un atacante suele

Araintel | Medio de comunicación especializado en Tecnología, Ciberseguridad, Inteligencia, Defensa y Hacking.

Nils Mar 15

épisode 5 et dernier du TP #serveur #web Linux, édition 2026, spécial débutants en #sysadmin, aujourd'hui on cause de #sudo #openssh et de #HTTPS tout de suite sur https://twitch.tv/ahp_nils #twitchfr #twitchstreamer #TwitchStreamers #debian #ubuntu #virtualisation #nginx

AHP_Nils - Twitch

Sysadmin depuis près de 15 ans, j’utilise cette chaîne pour principalement deux choses : continuer à progresser dans des domaines technologiques, ainsi que partager mes apprentissages et découvertes.Venez apprendre avec moi le fonctionnement d'Internet et de ses composants !

Twitch

Who Let The Dogs Out 🐾Mar 14

Уязвимость в GSSAPI-патче к OpenSSH, удалённо эксплуатируемая на стадии до аутентификации

В применяемом во многих дистрибутивах Linux патче gssapi.patch, добавляющем в OpenSSH поддержку обмена ключей на базе GSSAPI, выявлена уязвимость (CVE-2026-3497), приводящая к разыменованию указателя, повреждению памяти и обходу механизма разделения привилегий (Privsep). Уязвимость может быть эксплуатирована удалённо на стадии до осуществления аутентификации. Выявивший проблему исследователь продемонстрировал инициирование аварийного завершения процесса через отправку на SSH-сервер одного модифицированного сетевого пакета. Не исключается, что помимо отказа в обслуживании, существуют более опасные варианты эксплуатации уязвимости.

https://www.opennet.ru/opennews/art.shtml?num=64983

#Linux #openSSH #vulnerability

Уязвимость в GSSAPI-патче к OpenSSH, удалённо эксплуатируемая на стадии до аутентификации

В применяемом во многих дистрибутивах Linux патче gssapi.patch , добавляющем в OpenSSH поддержку обмена ключей на базе GSSAPI, выявлена уязвимость ( CVE-2026-3497 ), приводящая к разыменованию указателя, повреждению памяти и обходу механизма разделения привилегий ( Privsep ). Уязвимость может быть эксплуатирована удалённо на стадии до осуществления аутентификации. Выявивший проблему исследователь продемонстрировал инициирование аварийного завершения процесса через отправку на SSH-сервер одного модифицированного сетевого пакета. Не исключается, что помимо отказа в обслуживании, существуют более опасные варианты эксплуатации уязвимости

OSTechNix Mar 12

Stuck SSH session? Don't kill your terminal. Press Enter, type ~. and it closes instantly. Learn all 10 SSH escape sequences most Linux users never discover.

More details here: https://ostechnix.com/ssh-escape-sequences-beginners-guide/

#SSH #SecureShell #SSHTips #OpenSSH #Linux #TerminalHacks #SysAdmin #Commandline

SSH Escape Sequences Guide: Fix Frozen SSH Sessions Instantly - OSTechNix

Stuck SSH session? Press Enter, type ~. to close frozen SSH instantly. Learn all SSH escape sequences most users never discover.

OSTechNix

Freexian

Mar 11

Opening DebConf 26 registration, improvements to #Debian CI and many more contributions to Debian were made by #Freexian collaborators in February.

Read all the details at https://www.freexian.com/blog/debian-contributions-02-2026/?utm_source=mastodon&utm_medium=social

We thank the organizations subscribing to our Long Term Support contracts (https://www.freexian.com/lts/?utm_source=mastodon&utm_medium=social) and consulting services (https://www.freexian.com/services/?utm_source=mastodon&utm_medium=social) for making this possible.

#debianci #debconf26 #openssh

Debian Contributions: Opening DebConf 26 Registration, Debian CI improvements and more!

Debian Contributions: 2026-02 Contributing to Debian is part of Freexian’s mission. This article covers the latest achievements of Freexian and their collaborators. All of this is made possible by organizations subscribing to our Long Term Support contracts and consulting services. DebConf 26 Registration, by Stefano Rivera, Antonio Terceiro, and Santiago Ruano Rincón DebConf 26, to be held in Santa Fe Argentina in July, has opened for registration and event proposals. Stefano, Antonio, and Santiago all contributed to making this happen.

Freexian

Alexander Bokovoy Mar 10

Got some progress with protocol transition in #OpenSSH: if you login with any authentication mechanism that does not lead to creation of #Kerberos tickets, now you can configure your server to generate one on the user's behalf. This uses Services For User (S4U) extensions available in Active Directory and #FreeIPA implementations. There are few issues we still trying to address (and bugs found during this development) but it looks promising.

Couple demos in the next toots:

David Cantrell 🏏Mar 10

`WARNING: connection is not using a post-quantum key exchange algorithm.`

Well that's a new one.

#ssh #OpenSSH #crypto #ActualCryptoNotStupidSpeculation #QuantumCryptography

ティージェーグレェ Mar 8

I submitted a Pull Request to update MacPorts' libssh to 0.12.0 here:

https://github.com/macports/macports-ports/pull/31472

3 of 3 of GitHub Continuous Integration checks passed.

It's up to someone else with commit access to merge it.

I'm not the maintainer, nor am I really a user of libssh, so some things are not particularly tested (I did attempt to run "port -vst install" but tbh even "port -v install" was failing due to some weird kerberos defaults and I don't run kerberos locally, for good reasons. Also, I don't really use anything dependent upon libssh).

It was more that I was having dreams about OpenSSH and figured I should test a snapshot (no issues there, phew!) but noticed that libssh had been version bumped (more than one actually, there's also a 0.11.4 release) and there were security related issues, so it seemed worth at least submitting a Pull Request since it had apparently slipped under the maintainer's radar? The Portfile is also listed as openmaintainer, so I am guessing a little outside assistance is welcome.

Hopefully it helps some others! Doesn't do much of anything for me.

Hopefully it doesn't break anything for others; that I am less certain about.

#libssh #MacPorts #OpenSource #Security #OpenSSH

Andrew Armstrong Mar 7

Fixing OpenSSH.exe Issues After October 2024 Windows Server Update | https://techygeekshome.info/fixing-openssh-exe-issues-after-october-2024-windows-server-update/?fsp_sid=33497 | #Guide #Microsoft #OpenSSH #refresh #Server #Windows #WindowsUpdate
https://techygeekshome.info/fixing-openssh-exe-issues-after-october-2024-windows-server-update/?fsp_sid=33497