ssh-audit
mistborn
Our great sponsors
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ssh-audit
-
Terrapin Attack for prefix injection in SSH
No. Mitigations are available now. Follow the recommendations from ssh-audit (master version). [0]
0. https://github.com/jtesta/ssh-audit
- SSH-audit: SSH server and client security auditing
- Quick/simple question checking for SSH vulnerabilities
- Why so many bots?
-
How to secure my self-hosted website?
Match Address 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 PasswordAuthentication yes ```` You may audit your SSH service by https://github.com/jtesta/ssh-audit
-
Why does my SSH private key still work after changing some bytes? (2016)
Off topic: audit tool for OpenSSH config files.
Posted here because SSH algorithms are a moving target.
https://github.com/jtesta/ssh-audit/tree/e50ac5c84d46e902e02...
-
SFTP (SSH) Cipher Sanity Check
In addition to ssllabs, I'll recommend jtesta's ssh-audit.py
mistborn
-
Mistborn Selfhosted
Guys, anyone has experience with Mistborn ?
-
I want to run Nextcloud on my server running Jellyfin
There is a github project that rolls a Nextcloud instance and Jellyfin together in a docker install. It also rolls a bunch more stuff as well. https://gitlab.com/cyber5k/mistborn
-
Cannot get WireGuard and Pi-hole working for the life of me
try mistborn: https://gitlab.com/cyber5k/mistborn
-
vault warden behind vpn
https://gitlab.com/cyber5k/mistborn has wireguard and valtwarden built-in
-
Firewall settings, any advice for my setup?
So there is one other option you can run with - mistborn. Now, fair warning - if you want to run this on a pi....flash at least 100GB of storage space on a microssd and then for the OS I recommend a Ubuntu flavor of your choice. Ideally the latest one he has listed as successful on his table of distros that he successfully installed it on.
-
Ask HN: Share your new devbox setup process My own setup is included here
I find the fundamental problem with this sort of server setup script/config management is that they inevitably get quite personal. Nobody really wants to use another devs and when you try to allow for a lot of customisation they tend get byzantine and complex.
That said I still think it's worth sharing. If nothing else we can all usually cherry pick nice ideas from each other.
I had an entirely private set of Ansible roles I'd cobbled together that I started to put in a more shareable state a couple of years ago. It has little overlap with what you're putting together, but I do think you might find the way it separates personal Ansible config and the main project roles into separate directories (and thus different git repos) useful.
I really need to dust off my project and get it to a releasable state this year [momod](https://github.com/adrinux/momod).
I assume you've come across the many similar projects like [Sovereign](https://github.com/sovereign/sovereign), [Mistborn](https://gitlab.com/cyber5k/mistborn)
-
Wireguard Multihop VPN wg0 > wg1
https://gitlab.com/cyber5k/mistborn on my endpoint but route my traffic thru another another WG server first thus creating a multihop VPN in the interests of security
-
Folks, it's happening. The day I dreaded might be here soon.
I've been using selfhosted Nextcloud with OnlyOffice for years. I've yet to encounter something it can't handle. In fact I opened up my setup at the beginning of the pandemic so others could host their own: https://gitlab.com/cyber5k/mistborn
- minecraft server
- What’s some self hosted applications you can’t live without?
What are some alternatives?
Pritunl - Enterprise VPN server
tailscale - The easiest, most secure way to use WireGuard and 2FA.
testssl.sh - Testing TLS/SSL encryption anywhere on any port
wirehole - WireHole is a combination of WireGuard, Pi-hole, and Unbound in a docker-compose project with the intent of enabling users to quickly and easily create a personally managed full or split-tunnel WireGuard VPN with ad blocking capabilities thanks to Pi-hole, and DNS caching, additional privacy options, and upstream providers via Unbound.
yubikey-agent - yubikey-agent is a seamless ssh-agent for YubiKeys.
porn-vault - 💋 Manage your ever-growing porn collection. Using Vue & GraphQL
ufw-docker - To fix the Docker and UFW security flaw without disabling iptables
selfhosted-apps-docker - Guide by Example
tinyssh - TinySSH is small server (less than 100000 words of code)
rustdesk - An open-source remote desktop, and alternative to TeamViewer.
easy-admin - Scripts for easy system administration
Open and cheap DIY IP-KVM based on Raspberry Pi - Open and inexpensive DIY IP-KVM based on Raspberry Pi