Le Journal du hacker<p>SSH over Openssl over Haproxy - - contourner les blocages <a href="https://www.journalduhacker.net/s/mnw1al/ssh_over_openssl_over_haproxy_contourner" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">journalduhacker.net/s/mnw1al/s</span><span class="invisible">sh_over_openssl_over_haproxy_contourner</span></a> <a href="https://blog.victor-hery.com/2024/02/ssh-openssl-haproxy.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blog.victor-hery.com/2024/02/s</span><span class="invisible">sh-openssl-haproxy.html</span></a> <a href="https://framapiaf.org/tags/h%C3%A9bergement" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hébergement</span></a> <a href="https://framapiaf.org/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
social.coop is one of the many independent Mastodon servers you can use to participate in the fediverse.
A Fediverse instance for people interested in cooperative and collective projects. If you are interested in joining our community, please apply at https://join.social.coop/registration-form.html.
Administered by:
Server stats:
486active users
social.coop: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.4
#openssh
2 posts · 2 participants · 0 posts today
Neustradamus :xmpp: :linux:<p><a href="https://mastodon.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> 10.0 has been released (<a href="https://mastodon.social/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a> / <a href="https://mastodon.social/tags/SecureShell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecureShell</span></a> / <a href="https://mastodon.social/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenBSD</span></a>) <a href="https://openssh.com/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">openssh.com/</span><span class="invisible"></span></a></p>
Maquinari.cat<p>OpenSSH arriba a la versió 10.0. Entre d'altres, inclou l'algoritme mlkem768x25519-sha256, que diuen és a prova d'ordinadors quàntics.</p><p><a href="https://www.phoronix.com/news/OpenSSH-10.0-Released" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">phoronix.com/news/OpenSSH-10.0</span><span class="invisible">-Released</span></a></p><p><a href="https://mastodon.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> <a href="https://mastodon.social/tags/Qu%C3%A0ntic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Quàntic</span></a> <a href="https://mastodon.social/tags/mlkem768x25519" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mlkem768x25519</span></a>-sha256</p>
Alejandro Baez<p><a href="https://fosstodon.org/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> now defaults to <a href="https://fosstodon.org/tags/mlkem768x25519" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>mlkem768x25519</span></a> algorithm for keys. In other words, welcome to quantum resistance being a thing. 😎</p><p>Congrats to the team on this release! </p><p><a href="https://www.openssh.com/txt/release-10.0" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">openssh.com/txt/release-10.0</span><span class="invisible"></span></a></p>
Jeff Forcier<p>I see <a href="https://social.coop/tags/OpenSSH" class="mention hashtag" rel="tag">#<span>OpenSSH</span></a> got to fully removing DSA key support, so that means my “probably do that in <a href="https://social.coop/tags/Paramiko" class="mention hashtag" rel="tag">#<span>Paramiko</span></a>” todo list item has no more excuses 🤔</p><p>Well, ok, it still has a few excuses (will be years before the average sshd is OpenSSH 10.0+) but still. Needs happenin' sometime and it ain't like old releases go away, so.</p>
nixCraft 🐧<p>OpenSSH 10.0/10.0p2 released <a href="https://www.openssh.com/releasenotes.html#10.0p1" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">openssh.com/releasenotes.html#</span><span class="invisible">10.0p1</span></a></p><p><a href="https://mastodon.social/tags/unix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>unix</span></a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a></p>
Parade du Grotesque 💀<p>Also: <a href="https://mastodon.sdf.org/tags/Slackware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Slackware</span></a> 15 has a security update for Python3:</p><p><a href="http://www.slackware.com/security/viewer.php?l=slackware-security&y=2025&m=slackware-security.326755" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">http://www.</span><span class="ellipsis">slackware.com/security/viewer.</span><span class="invisible">php?l=slackware-security&y=2025&m=slackware-security.326755</span></a></p><p>Slackware-current just adopted <a href="https://mastodon.sdf.org/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> 10.0.p1 & <a href="https://mastodon.sdf.org/tags/OpenSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSL</span></a> 3.5</p><p>n/openssh-10.0p1-x86_64-1.txz: Upgraded. Potentially-incompatible changes include the removal of the weak DSA signature algorithm, completing the deprecation process that began in 2015 (when DSA was disabled by default) and repeatedly warned over the last 12 months.</p><p>n/openssl-3.5.0-x86_64-1.txz: Upgraded. New LTS release, supported until 08 Apr 2030.</p>
Edwin G. :mapleleafroundel:<p>Portable OpenSSH 10.0p1 will not exist. It will be known as OpenSSH 10.0p2.</p><p><a href="https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-April/000163.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lists.mindrot.org/pipermail/op</span><span class="invisible">enssh-unix-announce/2025-April/000163.html</span></a><br>- - -<br>OpenSSH portable 10.0p1 n’existera pas. Ce sera connue comme OpenSSH 10.0p2. </p><p>// Publication en anglais //</p><p><a href="https://mstdn.moimeme.ca/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> <a href="https://mstdn.moimeme.ca/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a></p>
Senioradmin<p><a href="https://social.tchncs.de/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> 9.8 und höher kommt allmählich auf die Server. Da wird die Option PerSourcePenalties interessant (siehe <a href="https://undeadly.org/cgi?action=article;sid=20240607042157" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">undeadly.org/cgi?action=articl</span><span class="invisible">e;sid=20240607042157</span></a> ) die fail2ban u.ä. überflüssig machen könnte.</p><p>Konfig-Beispiele sind aber noch rar gesät. Nach der manpage zu urteilen, sollte aber </p><p>PerSourcePenalties authfail:3600s</p><p>dafür sorgen dass IPs, die Brute-Force Attacken fahren für 1 Stunde geblockt werden, korrekt? </p><p><a href="https://social.tchncs.de/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a></p>
Peter N. M. Hansteen<p>OpenSSH 10.0 Released <a href="https://www.undeadly.org/cgi?action=article;sid=20250410053152" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">undeadly.org/cgi?action=articl</span><span class="invisible">e;sid=20250410053152</span></a> <a href="https://mastodon.social/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openbsd</span></a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> <a href="https://mastodon.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://mastodon.social/tags/security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>security</span></a> <a href="https://mastodon.social/tags/networking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>networking</span></a> <a href="https://mastodon.social/tags/development" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>development</span></a> <a href="https://mastodon.social/tags/newrelease" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>newrelease</span></a> <a href="https://mastodon.social/tags/devops" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>devops</span></a> <a href="https://mastodon.social/tags/sysadmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>sysadmin</span></a> <a href="https://mastodon.social/tags/freesoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>freesoftware</span></a> <a href="https://mastodon.social/tags/libresoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>libresoftware</span></a></p>
ティージェーグレェOoph, updated the sshd-session.c patch that MacPorts uses (to try to sandbox things, whoever did that was before my time) and while the patch I modified applies OK, the OpenSSH 10.0p1 build still fails with MacPorts' additional "special sauce".<br><br>I updated the Trac issue with as far as I got here:<br><br><a href="https://trac.macports.org/ticket/72317" rel="nofollow noopener noreferrer" target="_blank">https://trac.macports.org/ticket/72317</a><br><br>But I need to step AFK for a while and won't be able to look at this again for several hours.<br><br>If others want to take a crack at it and fix whatever I failed to get correct, contributions are more than welcome!<br><br>Thanks!<br><br>(and here I was thinking the legacy_dsa variant removal would be my potential stumbling block. Nope! <i>sigh</i> I should have tested the snapshot more thoroughly I guess, but I still don't have a functional mpbb locally and I don't even want to get into my "methodology" for diffing this stuff locally, it's basically line by line with not such great tools.)<br><br>Near as I can discern sshd-session.c got reworked a bit since 9.9p2 and my shoot from the hip attempt is insufficient.<br><br><a href="https://snac.bsd.cafe?t=openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#OpenSSH</a> <a href="https://snac.bsd.cafe?t=macports" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#MacPorts</a><br>
r1w1s1OpenSSH 10.0 is out! 🎉<br>One of the most critical tools in any Unix admin’s toolbox just got even better.<br><br>📜 Release notes: <a href="https://www.openssh.com/releasenotes.html#10.0p1" rel="nofollow noopener noreferrer" target="_blank">https://www.openssh.com/releasenotes.html#10.0p1</a><br><br>Huge thanks to the OpenSSH devs for keeping the Internet safer with every release.<br><br><a href="https://snac.bsd.cafe?t=openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> <a href="https://snac.bsd.cafe?t=linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#linux</a> <a href="https://snac.bsd.cafe?t=openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openbsd</a> <a href="https://snac.bsd.cafe?t=bsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#bsd</a><br>
Raven<p>OpenSSH 10.0 released with hybrid post-quantum algorithm mlkem768x25519-sha256 as default key agreement, new cipher preference list, new options, bug fixes</p><p><a href="https://www.openssh.com/releasenotes.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">openssh.com/releasenotes.html</span><span class="invisible"></span></a></p><p><a href="https://mastodon.bsd.cafe/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> <a href="https://mastodon.bsd.cafe/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openbsd</span></a> <a href="https://mastodon.bsd.cafe/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.bsd.cafe/tags/secureshell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>secureshell</span></a> <a href="https://mastodon.bsd.cafe/tags/postquantumcryptography" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>postquantumcryptography</span></a></p>
LavX News<p>OpenSSH 10.0: A Leap Forward in Secure Shell Technology</p><p>The release of OpenSSH 10.0 introduces significant enhancements in security and functionality, solidifying its status as a cornerstone of secure communications in the tech industry. With new features ...</p><p><a href="https://news.lavx.hu/article/openssh-10-0-a-leap-forward-in-secure-shell-technology" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://</span><span class="ellipsis">news.lavx.hu/article/openssh-1</span><span class="invisible">0-0-a-leap-forward-in-secure-shell-technology</span></a></p><p><a href="https://mastodon.cloud/tags/news" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>news</span></a> <a href="https://mastodon.cloud/tags/tech" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>tech</span></a> <a href="https://mastodon.cloud/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> <a href="https://mastodon.cloud/tags/Ed25519" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Ed25519</span></a> <a href="https://mastodon.cloud/tags/SecureShell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecureShell</span></a></p>
Bryan Steele :flan_beard:<p><a href="https://bsd.network/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> 10.0 release notes: <a href="https://www.openssh.com/txt/release-10.0" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="">openssh.com/txt/release-10.0</span><span class="invisible"></span></a></p><p>In addition to removing DSA, this splits the user authentication code from the sshd-session binary into a separate sshd-auth binary. Also only <a href="https://bsd.network/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenBSD</span></a>, this new sshd-authd is relinked on boot, just like sshd-session & sshd.</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@JessTheUnstill" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>JessTheUnstill</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@Pibble" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Pibble</span></a></span><br><br>And yes, I treat all devices as insecure and would rather invest the time and effort needed get <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechIlliterates</span></a> up to speed on the <a href="https://infosec.space/tags/OfflinePGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OfflinePGP</span></a> <a href="https://www.youtube.com/watch?v=vdab4T_CoN8" rel="nofollow noopener noreferrer" target="_blank">method!</a></p><ul><li>Sounds cumbersome, but when your threat model literally goes against the #1 <a href="https://infosec.space/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hacking</span></a> <a href="https://infosec.space/tags/Regime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Regime</span></a> (<a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USA</span></a>) with more <a href="https://infosec.space/tags/Exploits" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Exploits</span></a> stockpiled than any hacking forum (cuz <a href="https://infosec.space/tags/NOBUS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NOBUS</span></a> <a href="https://en.wikipedia.org/wiki/NOBUS" rel="nofollow noopener noreferrer" target="_blank">doctrine</a>), you gotta have to upgrade.</li></ul><p>Given the cheapness of storage (legitimate 1TB microSD cards exist and they ain't 4-digit items!) I'd legitimately look into <a href="https://infosec.space/tags/OTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTP</span></a> <a href="https://infosec.space/tags/encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>encryption</span></a> and (<em>IF I had the €€€€€€ to do so!</em>) would even sponsor implementing it in <a href="https://infosec.space/tags/OpenVPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenVPN</span></a>, <a href="https://infosec.space/tags/WireGuard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WireGuard</span></a> and <a href="https://infosec.space/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> (for <a href="https://infosec.space/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a>-Tunmeling).</p><ul><li>The <a href="https://infosec.space/tags/US" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>US</span></a> is a <a href="https://infosec.space/tags/RogueNation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RogueNation</span></a> with a Rogue Government! The sooner we accept this reality the sooner we can not only adjust to it but act accordingly…</li></ul><p>I <em>sincerely wish</em> y'all could legitimately call me a tinfoilhat but so far I've been proven right all the time...</p>
Tomáš<p><a href="https://merveilles.town/tags/unix_surrealism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>unix_surrealism</span></a> <a href="https://merveilles.town/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openbsd</span></a> <a href="https://merveilles.town/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> <a href="https://merveilles.town/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://merveilles.town/tags/comic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>comic</span></a> <a href="https://merveilles.town/tags/runbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>runbsd</span></a> <a href="https://merveilles.town/tags/fish" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fish</span></a> <a href="https://merveilles.town/tags/puffy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>puffy</span></a></p>
Morten Linderud<p>Did a new release of `ssh-tpm-agent`, `v0.8.0`.</p><p>Notable changes is hierarchy keys, keyctl backed passwords and some preliminary landlock support.</p><p><a href="https://github.com/Foxboron/ssh-tpm-agent/releases/tag/v0.8.0" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">github.com/Foxboron/ssh-tpm-ag</span><span class="invisible">ent/releases/tag/v0.8.0</span></a></p><p><a href="https://chaos.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> <a href="https://chaos.social/tags/TPM" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TPM</span></a> <a href="https://chaos.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://chaos.social/tags/Golang" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Golang</span></a> <a href="https://chaos.social/tags/landlock" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>landlock</span></a></p>
Jonathan Matthews<p>What do you use to manage the contents of ~/.ssh/authorized_keys?<br>Roughly, in how many distinct remote locations do you manage that file?<br>Do they generally contain the same set of keys, or is there some variation? <a href="https://fosstodon.org/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://fosstodon.org/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> <a href="https://fosstodon.org/tags/SysAdmin" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SysAdmin</span></a> <a href="https://fosstodon.org/tags/DevOps" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DevOps</span></a></p>
Garrett Wollman<p>Suppose you have `AllowUsers foo` set in sshd_config. Normally, this will result in logs like:</p><p>[date] [host] sshd-session[pid]: Invalid user ubuntu from 195.178.110.18 port 44128</p><p>But sometimes, you see this instead:</p><p>[date] [host] sshd-session[pid]: error: PAM: Authentication error for illegal user centos from 82.193.122.91</p><p>What are the circumstances in which the attacker is able to get through sshd to interact with the PAM stack despite having given a non-permitted login? <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a></p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
LoginDrag & drop to upload