openssh-portable
podman
openssh-portable | podman | |
---|---|---|
41 | 359 | |
2,817 | 21,729 | |
2.4% | 1.4% | |
9.4 | 10.0 | |
4 days ago | 7 days ago | |
C | Go | |
GNU General Public License v3.0 or later | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
openssh-portable
-
New startup sells coffee through SSH and exclusively through SSH
Default for the last 24 years according to https://github.com/openssh/openssh-portable/blame/385ecb31e1...
-
Systemd Wants to Expand to Include a Sudo Replacement
They didn't need to use the library to make use of the systemd notify mechanism, which is simple to interface and quite a nice feature in the first place.
The free-standing implementation: https://github.com/openssh/openssh-portable/commit/08f579231...
-
Terrapin Attack for prefix injection in SSH
Unless I'm misunderstanding what this is about RFC5647 merely points out that the sequence number is included as AAD due to RFC4253 requirements. The [email protected] specification is not exactly the most rigorous thing I've ever seen (https://github.com/openssh/openssh-portable/blob/master/PROT...) but reading it, the sequence number is only included in the IV, and not as AAD, which directly runs afoul of the RFC4253 section 6.4 requirement for it to be included in the MAC.
- SSH3: SSH using HTTP/3 and QUIC
-
SSH keys stolen by stream of malicious PyPI and NPM packages
The key layout is described in https://github.com/openssh/openssh-portable/blob/master/PROT... and you can view it pretty easily via
cat private_key_here | head -n -1 | tail -n +2 | base64 -d | xxd
One I created in 2016 is using aes256-cbc with bcrypt for the kdf, which isn't awful at all.
-
Microsoft signing keys were leaked
Interestingly, it looks like ssh-agent disables core dumps[1], but I don't see similar usage for sshd
1: https://github.com/openssh/openssh-portable/blob/694150ad927...
-
An Excruciatingly Detailed Guide to SSH (But Only the Things I Find Useful)
There's a current pull request for adding AF_UNIX support, which should make all kinds of exciting forwarding possible, since it will make it easy to proxy ssh connections through an arbitrary local process which can do anything to forward the data to the remote end.
https://github.com/openssh/openssh-portable/pull/431
-
Project on GitHub - Customizable Arch Linux Podman images based on the official Arch Linux Docker image
OpenSSH server (allows connecting to containers)
-
Funds of every Trust Wallet browser extension could have been stolen
It doesn't, at least not for generic/unmodified cryptographic applications.
WebAuthN signatures are of a very specific challenge/response format that applications need to explicitly support. For example, SSH had to add new key and signature formats [1] to support it.
Theoretically, a blockchain/cryptocurrency application could adopt the WebAuthN signature format as its canonical or an alternative signature format, but I'm not aware of any popular one having done so.
[1] https://github.com/openssh/openssh-portable/blob/master/PROT...
-
We updated our RSA SSH host key
I just tested it and looked at the code briefly; the client fortunately does seem to remove all keys not provided by the server: https://github.com/openssh/openssh-portable/blob/36c6c3eff5e...
It seems like at least a `known_hosts` compromise would be "self-healing" after connecting to the legitimate github.com server once.
podman
-
How I ended up using Colima for Docker on Apple Silicon
A lot of well-known Docker alternatives emerged at this point, the most commonly recommended of which must be Podman (along with Podman Desktop). This is what I use on my Windows machines, and this was the first solution that I tried on the Macbook as well.
-
Podman 5.0 has been released
Example of why: https://github.com/containers/podman/issues/5102#issuecommen...
-
Exploring 5 Docker Alternatives: Containerization Choices for 2024
Podman
- Podman 5.0.0: final release candidate
-
A Gentle Introduction to Containerization and Docker
Even though we will focus on Docker for this article, I wanted to mention that there are more container creation and management tools such as Podman, Rkt, and so on.
-
A Journey to Find an Ultimate Development Environment
By using containerization, the application will always have the same configuration that is used in the development environment and production environment. There is no more "It works on my machine". Some examples of containerization technologies are Docker and Podman.
-
Anatomy of Docker
Podman Documentation. Podman is a daemonless container engine for developing, managing, and running OCI Containers on your Linux System.
-
Exploring Podman: A More Secure Docker Alternative
AFAIK podman either already supports pods in quadlet container files, or will in the near future. https://github.com/containers/podman/pull/20762
-
Podman Desktop 1.6 released: Even more Kubernetes and Containers features
Podman as a devcontainers engine doesn't currently work if you use devcontainer features [1] or (and this sounds like you're issue) if you use WSL2.
I haven't submitted the WSL2 issue to the Podman team yet. If you get to it before I do, can you like it here?
https://github.com/containers/podman/issues/18691#issuecomme...
-
Oracle data base
You can also use their Oracle Linux Docker images with the database preinstalled using either Podman or Docker. Just make absolutely sure you are downloading something you are licensed to use, because it seems really easy to accidentally infringe copyright via this method.
What are some alternatives?
gentoo - [MIRROR] Official Gentoo ebuild repository
Portainer - Making Docker and Kubernetes management easy.
guardian-agent - [beta] Guardian Agent: secure ssh-agent forwarding for Mosh and SSH
lima - Linux virtual machines, with a focus on running containers
wezterm - A GPU-accelerated cross-platform terminal emulator and multiplexer written by @wez and implemented in Rust
kaniko - Build Container Images In Kubernetes
ssh-mitm - SSH-MITM - ssh audits made simple
rancher - Complete container management platform
mac-ssh-confirm - Protect against SSH Agent Hijacking on Mac OS X with the ability to confirm agent identities prior to each use
containerd - An open and reliable container runtime
ports - Read-only git conversion of OpenBSD's official cvs ports repository. Pull requests not accepted - send diffs to the ports@ mailing list.
nerdctl - contaiNERD CTL - Docker-compatible CLI for containerd, with support for Compose, Rootless, eStargz, OCIcrypt, IPFS, ...