Wth, after the latest #OpenSSH update the daemon only listens on IPv6 addresses? Is that just me? Lol #Linux
lsof -i -n -P | grep sshd
sshd 63245 root 3u IPv6 4882 0t0 TCP *:22 (LISTEN)
Wth, after the latest #OpenSSH update the daemon only listens on IPv6 addresses? Is that just me? Lol #Linux
lsof -i -n -P | grep sshd
sshd 63245 root 3u IPv6 4882 0t0 TCP *:22 (LISTEN)
Recent new features in OpenSSH https://www.undeadly.org/cgi?action=article;sid=20250802084523 #openbsd #openssh #ssh #newfeatures #development #security #freesoftware #libresoftware #crypto #cryptography
Recent new features in OpenSSH https://www.undeadly.org/cgi?action=article;sid=20250802084523 #openbsd #openssh #ssh #newfeatures #development #security #freesoftware #libresoftware #crypto #cryptography
An unimportant remnant of the past has been removed from open SSH;
DSA.
Read about it in this article the next article linked will show you that it has been removed finally
#SSH#openSSH#DSA #programming #coding#OpenSource#openBSD#BSD#secureShell#Infosec
This article shows that DSA has finally been removed
#SSH#openSSH#DSA #programming #coding#OpenSource#openBSD#BSD#secureShell#Infosec
An unimportant remnant of the past has been removed from open SSH;
DSA.
Read about it in this article the next article linked will show you that it has been removed finally
#SSH#openSSH#DSA #programming #coding#OpenSource#openBSD#BSD#secureShell#Infosec
A very welcome change in #OpenBSD -current that impacts software which restrict filesystem access with unveil(2), but permit access to /tmp (like web browsers).
ssh-agent(1) listener sockets and forwarded sockets in sshd(8) will now be under ~/.ssh/agent instead.
djm@ modified src/usr.bin/ssh/*: Move agent listener sockets from /tmp to under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8).
This ensures processes (such as Firefox) that have restricted filesystem access that includes /tmp (via unveil(3)) do not have the ability to use keys in an agent.
Moving the default directory has the consequence that the OS will no longer clean up stale agent sockets, so ssh-agent now gains this
ability.To support $HOME on NFS, the socket path includes a truncated hash of the hostname. ssh-agent will by default only clean up sockets from the same hostname.
ssh-agent gains some new flags: -U suppresses the automatic cleanup of stale sockets when it starts. -u forces a cleanup without keeping a running agent, -uu forces a cleanup that ignores the hostname. -T makes ssh-agent put the socket back in /tmp.
feedback deraadt@ naddy@
doitdoitdoit deraadt@
A space for Bonfire maintainers and contributors to communicate