ssh-audit
tarsnap
Our great sponsors
ssh-audit | tarsnap | |
---|---|---|
21 | 11 | |
3,117 | 844 | |
- | 0.4% | |
8.5 | 8.4 | |
6 days ago | 17 days ago | |
Python | C | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
ssh-audit
-
Terrapin Attack for prefix injection in SSH
No. Mitigations are available now. Follow the recommendations from ssh-audit (master version). [0]
0. https://github.com/jtesta/ssh-audit
- SSH-audit: SSH server and client security auditing
- Quick/simple question checking for SSH vulnerabilities
- Why so many bots?
-
How to secure my self-hosted website?
Match Address 10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 PasswordAuthentication yes ```` You may audit your SSH service by https://github.com/jtesta/ssh-audit
-
Why does my SSH private key still work after changing some bytes? (2016)
Off topic: audit tool for OpenSSH config files.
Posted here because SSH algorithms are a moving target.
https://github.com/jtesta/ssh-audit/tree/e50ac5c84d46e902e02...
-
SFTP (SSH) Cipher Sanity Check
In addition to ssllabs, I'll recommend jtesta's ssh-audit.py
tarsnap
-
Where do you store your backups? What Provider if any?
Tarsnap for configs and critical stuff (password database, emails).
-
3,200-Year-Old Egyptian Tablet Records Excuses for Why People Missed Work
Someone does :)
https://tarsnap.com
> Tarsnap uses a prepaid model based on actual usage:
> Storage: 250 picodollars / byte-month of encoded data
-
What is the best private encrypted cloud storage?
Colin Percival's tarsnap
-
Ask HN: Codebases with great, easy to read code?
In past threads, people have mentioned enjoying my Tarsnap (https://github.com/Tarsnap/tarsnap) code. I personally think that the spiped (https://github.com/Tarsnap/spiped) code is even better.
-
I love the idea of tarsnap but a stable release hasn't been released since 2017. Is there a modern alternative, or is tarsnap actually still usable and secure?
I prefer Vorta myself ( https://github.com/borgbase/vorta ) as it also has incremental and encrypted backups, as well as being a fraction of the price, but tarsnap seems to still be in very-slow development: https://github.com/Tarsnap/tarsnap , so I'd say from a quick look it's still trustworthy.
- Restic: Backups Done Right
-
What's your backup strategy?
Each server also upload their configs and « important » data (my mails and git repos) to tarsnap 3. Tarsnap storage is not as cheap as B2, so I try not to upload too much data there, but it's reliable and easy to use. It was also my first backup solution, and barely cost me 10$ a year so I keep it as a secondary backup.
-
FreeBSD SSH Hardening
Not foolish! The Tarsnap client code is open source, but the license file prohibits anyone from using the code: https://github.com/Tarsnap/tarsnap/blob/master/COPYING
> Redistribution and use in source and binary forms, without modification,
- Deduplicating Archiver with Compression and Encryption
-
The Wrong Way to Switch Operating Systems on Your Server
Yes. For the curious,
https://github.com/Tarsnap/tarsnap/graphs/contributors
What are some alternatives?
Pritunl - Enterprise VPN server
BorgBackup - Deduplicating archiver with compression and authenticated encryption.
testssl.sh - Testing TLS/SSL encryption anywhere on any port
restic - Fast, secure, efficient backup program
yubikey-agent - yubikey-agent is a seamless ssh-agent for YubiKeys.
rclone - "rsync for cloud storage" - Google Drive, S3, Dropbox, Backblaze B2, One Drive, Swift, Hubic, Wasabi, Google Cloud Storage, Yandex Files
ufw-docker - To fix the Docker and UFW security flaw without disabling iptables
bupstash - Easy and efficient encrypted backups.
tinyssh - TinySSH is small server (less than 100000 words of code)
nixos-infect - [GPLv3+] install nixos over the existing OS in a DigitalOcean droplet (and others with minor modifications)
mistborn
Duplicacy - A new generation cloud backup tool