openssh-portable
did-core
openssh-portable | did-core | |
---|---|---|
41 | 50 | |
2,817 | 392 | |
2.4% | 0.8% | |
9.4 | 0.6 | |
5 days ago | about 2 months ago | |
C | HTML | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
openssh-portable
-
New startup sells coffee through SSH and exclusively through SSH
Default for the last 24 years according to https://github.com/openssh/openssh-portable/blame/385ecb31e1...
-
Systemd Wants to Expand to Include a Sudo Replacement
They didn't need to use the library to make use of the systemd notify mechanism, which is simple to interface and quite a nice feature in the first place.
The free-standing implementation: https://github.com/openssh/openssh-portable/commit/08f579231...
-
Terrapin Attack for prefix injection in SSH
Unless I'm misunderstanding what this is about RFC5647 merely points out that the sequence number is included as AAD due to RFC4253 requirements. The [email protected] specification is not exactly the most rigorous thing I've ever seen (https://github.com/openssh/openssh-portable/blob/master/PROT...) but reading it, the sequence number is only included in the IV, and not as AAD, which directly runs afoul of the RFC4253 section 6.4 requirement for it to be included in the MAC.
- SSH3: SSH using HTTP/3 and QUIC
-
SSH keys stolen by stream of malicious PyPI and NPM packages
The key layout is described in https://github.com/openssh/openssh-portable/blob/master/PROT... and you can view it pretty easily via
cat private_key_here | head -n -1 | tail -n +2 | base64 -d | xxd
One I created in 2016 is using aes256-cbc with bcrypt for the kdf, which isn't awful at all.
-
Microsoft signing keys were leaked
Interestingly, it looks like ssh-agent disables core dumps[1], but I don't see similar usage for sshd
1: https://github.com/openssh/openssh-portable/blob/694150ad927...
-
An Excruciatingly Detailed Guide to SSH (But Only the Things I Find Useful)
There's a current pull request for adding AF_UNIX support, which should make all kinds of exciting forwarding possible, since it will make it easy to proxy ssh connections through an arbitrary local process which can do anything to forward the data to the remote end.
https://github.com/openssh/openssh-portable/pull/431
-
Project on GitHub - Customizable Arch Linux Podman images based on the official Arch Linux Docker image
OpenSSH server (allows connecting to containers)
-
Funds of every Trust Wallet browser extension could have been stolen
It doesn't, at least not for generic/unmodified cryptographic applications.
WebAuthN signatures are of a very specific challenge/response format that applications need to explicitly support. For example, SSH had to add new key and signature formats [1] to support it.
Theoretically, a blockchain/cryptocurrency application could adopt the WebAuthN signature format as its canonical or an alternative signature format, but I'm not aware of any popular one having done so.
[1] https://github.com/openssh/openssh-portable/blob/master/PROT...
-
We updated our RSA SSH host key
I just tested it and looked at the code briefly; the client fortunately does seem to remove all keys not provided by the server: https://github.com/openssh/openssh-portable/blob/36c6c3eff5e...
It seems like at least a `known_hosts` compromise would be "self-healing" after connecting to the legitimate github.com server once.
did-core
-
9 Things You Didn't Know About Decentralized Identifiers
In 1994, Tim Berners Lee, the creator of the World Wide Web, founded the World Wide Web Consortium (W3C). The W3C is made up of groups of people focused on setting the best practices and standards for building the web. For example, the W3C develops and maintains standards for HTML, CSS, Web Accessibility, and Web Security. In July 2022, The W3C officially published standards for Decentralized Identifiers. This way, technologists would have blueprint for building and managing digital identity as we make the shift towards controlling your identity on the internet. Check out the Decentralized Identifiers specification here.
-
Understanding Decentralized Identifiers for 10-year-olds
A few months ago, I started looking into decentralization on the web and how this could impact our world as we know it today - thanks to Web5 and our work at TBD. One of the biggest and most important pillars in achieving this decentralized future is called Decentralized Identifiers (DIDs).
-
Show HN: Did – Decentralized Public Information Network
Unfortunate choice of name, given https://www.w3.org/TR/did-core/.
-
Poll: Only 16% of Americans Support the Government Issuing a Central Bank Digital Currency
I'm also a software engineer, and I'm actively working on making it a thing in a parallel system (referenced above) lol. DIDs have been a standard for a while, and as someone who's had my SIN compromised (by Equifax of all places), our current way of handling ID is far easier to hack than a well implemented digital ID would be. Its actually asinine to me that I was compromised in 2016, and DID existed then... yet here we are 7 years later, with identity thefts only climbing year-over-year, and we still have antiquated, and clearly failing identity systems in place.
-
Official /r/rust "Who's Hiring" thread for job-seekers and job-offerers [Rust 1.70]
DESCRIPTION: We are looking for a Rust developer to join the team developing a cross-platform digital identity application using the Tauri framework and several (cloud-based) Rust components for Identity-as-a-Service solutions. We are a young start-up that is developing digital identity products and solutions for people and organizations, based on the decentralized identity standards. Our work includes developing open-source implementations of standards such as DID and Verifiable Credentials from W3C and OpenID4VC from the OpenID Foundation. Using this technology, people gain control over their own digital identities and data and can easily share verifiable information with third parties, enabling more privacy and digital trust.
-
S3 domain claimed on Bluesky by someone who doesn't own the domain
DID methods are the W3C solution to decentralized identity: https://www.w3.org/TR/did-core/
-
We updated our RSA SSH host key
https://www.w3.org/TR/did-core/#key-and-signature-expiration
"9.8 Verification Method Revocation" https://www.w3.org/TR/did-core/#verification-method-revocati...
Blockerts is built upon W3C DID and W3C Verified Credentials, W3C Linked Data Signatures, and Merkel trees (and JSON-LD). From the Blockerts FAQ
-
Privatizing Our Digital Identities
What do you think about Decentralized Identity (DIDs - https://www.w3.org/TR/did-core/)? With it, you can have several identities and easily generate new ones when needed (but you probably need to have a single, government-recognized identity for the real world).
Europe seems to be working hard on establishing an identity for every citizen: https://commission.europa.eu/strategy-and-policy/priorities-... (most countries already have that, but this is about unifying the various countries' ID systems).
-
Domain Names as Handles in Bluesky
Domain names as handles are a cool idea, and you can already do a variant of them in the "fediverse" either by hosting your own instance of a service or by configuring a WebFinger alias (which is what I do).
I'm less convinced by DIDs[1], which is what Bluesky seems to run on: I've yet to see an explanation for why the DID standard exists, given that it effectively punts all semantics (including basic things like cryptographic verification) onto unstandardized "methods" in an uncontrolled global namespace.
[1]: https://www.w3.org/TR/did-core/
-
Identity management solution for Ethereum: Ideas/Suggestions?
- very close is the foundation regarding Decentralized Identifiers by the W3C https://www.w3.org/TR/did-core/ // https://w3c.github.io/did-core/
What are some alternatives?
gentoo - [MIRROR] Official Gentoo ebuild repository
specification - Solid Technical Reports
guardian-agent - [beta] Guardian Agent: secure ssh-agent forwarding for Mosh and SSH
didkit - A cross-platform toolkit for decentralized identity.
wezterm - A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust
Specification - Base class with tests for adding specifications to a DDD model
ssh-mitm - SSH-MITM - ssh audits made simple
luds - lnurl specifications
mac-ssh-confirm - Protect against SSH Agent Hijacking on Mac OS X with the ability to confirm agent identities prior to each use
hcxdumptool - Small tool to capture packets from wlan devices.
ports - Read-only git conversion of OpenBSD's official cvs ports repository. Pull requests not accepted - send diffs to the ports@ mailing list.
challenge-bypass-extension - DEPRECATED - Client for Privacy Pass protocol providing unlinkable cryptographic tokens