Portable OpenSSH.
This is a port of OpenBSD's OpenSSH to most Unix-like operating systems, including Linux, OS X and Cygwin. Portable OpenSSH polyfills OpenBSD APIs that are not available elsewhere, adds sshd sandboxing for more operating systems and includes support for OS-native authentication and auditing (e.g. using PAM).
https://github.com/openssh/openssh-portable
#ssh
This is a port of OpenBSD's OpenSSH to most Unix-like operating systems, including Linux, OS X and Cygwin. Portable OpenSSH polyfills OpenBSD APIs that are not available elsewhere, adds sshd sandboxing for more operating systems and includes support for OS-native authentication and auditing (e.g. using PAM).
https://github.com/openssh/openssh-portable
#ssh
Enable multi-factor authentication on OpenBSD
In this article I will explain how to add a bit more security to your OpenBSD system by adding a requirement for user logging into the system, locally or by ssh. I will explain how to setup 2 factor authentication (2FA) using TOTP on OpenBSD.
https://dataswamp.org/~solene/2021-02-06-openbsd-2fa.html
#ssh #totp #security
In this article I will explain how to add a bit more security to your OpenBSD system by adding a requirement for user logging into the system, locally or by ssh. I will explain how to setup 2 factor authentication (2FA) using TOTP on OpenBSD.
https://dataswamp.org/~solene/2021-02-06-openbsd-2fa.html
#ssh #totp #security
By default, scp(1) now uses SFTP protocol.
Thanks to a commit by Damien Miller (djm@), scp(1) (in -current) now defaults to using the SFTP protocol:
https://undeadly.org/cgi?action=article;sid=20210910074941
#ssh #scp #sftp
Thanks to a commit by Damien Miller (djm@), scp(1) (in -current) now defaults to using the SFTP protocol:
https://undeadly.org/cgi?action=article;sid=20210910074941
#ssh #scp #sftp
Using KeePassXC with SSH-Agent on OpenBSD
I’m using KeePassXC to manage my secrets. But when I log into my OpenBSD laptop, I’m still asked to enter my SSH passphrase to fill-in ssh-agent(1). Somehow, it’s great ; maybe other system don’t even propose that feature out of the box. But what if KeePassXC could know about my passphrase(s) and interact with ssh-agent(1). Well, it can...
https://www.tumfatig.net/2022/using-keepassxc-with-ssh-agent-on-openbsd/
#keepassxc #ssh
I’m using KeePassXC to manage my secrets. But when I log into my OpenBSD laptop, I’m still asked to enter my SSH passphrase to fill-in ssh-agent(1). Somehow, it’s great ; maybe other system don’t even propose that feature out of the box. But what if KeePassXC could know about my passphrase(s) and interact with ssh-agent(1). Well, it can...
https://www.tumfatig.net/2022/using-keepassxc-with-ssh-agent-on-openbsd/
#keepassxc #ssh
👍2
sshd random relinking at boot.
As with library order randomisation (libc.so/libcrypto/ld.so) at boot and kernel relinking at boot, boot time relinking of sshd(8) is now implemented in -current. Theo de Raadt committed the changes...
https://undeadly.org/cgi?action=article;sid=20230119075627
#ssh #security
As with library order randomisation (libc.so/libcrypto/ld.so) at boot and kernel relinking at boot, boot time relinking of sshd(8) is now implemented in -current. Theo de Raadt committed the changes...
https://undeadly.org/cgi?action=article;sid=20230119075627
#ssh #security
👍17