openssh-portable
Mosh
Our great sponsors
openssh-portable | Mosh | |
---|---|---|
39 | 152 | |
2,796 | 12,189 | |
3.3% | 0.6% | |
9.4 | 4.6 | |
2 days ago | 12 days ago | |
C | C++ | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
openssh-portable
-
Terrapin Attack for prefix injection in SSH
Unless I'm misunderstanding what this is about RFC5647 merely points out that the sequence number is included as AAD due to RFC4253 requirements. The [email protected] specification is not exactly the most rigorous thing I've ever seen (https://github.com/openssh/openssh-portable/blob/master/PROT...) but reading it, the sequence number is only included in the IV, and not as AAD, which directly runs afoul of the RFC4253 section 6.4 requirement for it to be included in the MAC.
- SSH3: SSH using HTTP/3 and QUIC
-
SSH keys stolen by stream of malicious PyPI and NPM packages
The key layout is described in https://github.com/openssh/openssh-portable/blob/master/PROT... and you can view it pretty easily via
cat private_key_here | head -n -1 | tail -n +2 | base64 -d | xxd
One I created in 2016 is using aes256-cbc with bcrypt for the kdf, which isn't awful at all.
-
Microsoft signing keys were leaked
Interestingly, it looks like ssh-agent disables core dumps[1], but I don't see similar usage for sshd
1: https://github.com/openssh/openssh-portable/blob/694150ad927...
-
An Excruciatingly Detailed Guide to SSH (But Only the Things I Find Useful)
There's a current pull request for adding AF_UNIX support, which should make all kinds of exciting forwarding possible, since it will make it easy to proxy ssh connections through an arbitrary local process which can do anything to forward the data to the remote end.
-
Project on GitHub - Customizable Arch Linux Podman images based on the official Arch Linux Docker image
OpenSSH server (allows connecting to containers)
-
Funds of every Trust Wallet browser extension could have been stolen
It doesn't, at least not for generic/unmodified cryptographic applications.
WebAuthN signatures are of a very specific challenge/response format that applications need to explicitly support. For example, SSH had to add new key and signature formats [1] to support it.
Theoretically, a blockchain/cryptocurrency application could adopt the WebAuthN signature format as its canonical or an alternative signature format, but I'm not aware of any popular one having done so.
[1] https://github.com/openssh/openssh-portable/blob/master/PROT...
-
We updated our RSA SSH host key
I just tested it and looked at the code briefly; the client fortunately does seem to remove all keys not provided by the server: https://github.com/openssh/openssh-portable/blob/36c6c3eff5e...
It seems like at least a `known_hosts` compromise would be "self-healing" after connecting to the legitimate github.com server once.
- What do you think 1.20 will be called?
-
OpenAI Execs Say They're Shocked by ChatGPT's Popularity
And OpenVAS and OpenSSH and OpenBSD and OpenNN and OpenAFS and on and on and on
Mosh
-
The IDEs we had 30 years ago and we lost
If you haven’t already, and I know this doesn’t hold up for GUI emacs or vim, but consider running them through https://mosh.org/
- mosh: Mobile Shell
-
Write Your Own Terminal
FWIW, I wouldn't try to parse escape sequences "directly" from the input bytestream -- it's easy to end up with annoying bugs. Longer-term it's probably better to separate the logic e.g.:
- First step (for a UTF-8-input terminal emulator) means "lexing" the input bytestream as UTF-8 into a stream of USVs, which involves some subtleties (https://github.com/mobile-shell/mosh/blob/master/src/termina...).
- Second step is to run the DEC parser/FSM logic on the sequence of USVs, which is independent of the escape sequences (https://vt100.net/emu/dec_ansi_parser ; https://github.com/mobile-shell/mosh/blob/master/src/termina...).
- And then the third step is for the terminal to execute the "dispatch"/"execute"/etc. actions coming from the FSM, which is where the escape sequences and control chars get implemented (https://github.com/mobile-shell/mosh/blob/master/src/termina...).
Without this separation, it's easier to end up with bugs where, e.g., a UTF-8 sequence or an ANSI escape sequence is treated differently when it's split between multiple read() calls vs. all in one call.
-
Typing Fast Is About Latency, Not Throughput
Btw, you can use mosh to hide the latency of SSH. https://mosh.org/
-
How do I enable new pane/tab with CWD while using mosh?
I've been using Kitty's SSH features for as long as I can remember but I recently setup Mosh and I really like how it doesn't drop connections and supports roaming.
-
Buying an iPad Pro for coding was a mistake
I am surprised many people write about ssh into a server. Mosh[1] feels more responsive and it also supports longer sessions.
[1] - https://mosh.org/
-
Prompt2, heads up; they are readying up another version Prompt2 has been abandoned by devs since iOS 14 / 1y ago in a crashing state - Now they want to make another money-heist cash-grab from its users by forcing them to upgrade one of the most expensive apps of all time.
Also they support Mosh which I install on my servers. It's way better than plain ssh when you're on mobile networks and wifi, especially with connections that are unreliable or bandwidth-constrained.
- Zellij New WASM Plugin System
-
networkingStarterPack
I’ve recently been experimenting with MoSH (Mobile Shell). Basically think SSH but with UDP - so more resilient to shoddy network conditions, roaming access points, etc.
-
How can I get a lisp image to run in the background?
If it is not for production (e.g. running as a daemon or a server) and you only care about the development, another ad-hoc way is using screen/tmus-like software incl. byobu, and combine it with mosh.
What are some alternatives?
gentoo - [MIRROR] Official Gentoo ebuild repository
Eternal Terminal - Re-Connectable secure remote shell
guardian-agent - [beta] Guardian Agent: secure ssh-agent forwarding for Mosh and SSH
tmux - tmux source code
wezterm - A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust
Gravitational Teleport - Protect access to all of your infrastructure
ssh-mitm - SSH-MITM - ssh audits made simple
Advanced SSH config - :computer: make your ssh client smarter
mac-ssh-confirm - Protect against SSH Agent Hijacking on Mac OS X with the ability to confirm agent identities prior to each use
Code-Server - VS Code in the browser
ports - Read-only git conversion of OpenBSD's official cvs ports repository. Pull requests not accepted - send diffs to the ports@ mailing list.
PowerShell - PowerShell for every system!