putty-cac
BorgBackup
putty-cac | BorgBackup | |
---|---|---|
12 | 333 | |
451 | 10,559 | |
- | 1.3% | |
6.1 | 9.4 | |
22 days ago | 16 days ago | |
C | Python | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
putty-cac
-
NIST: Personal Identity Verification (PIV) of Federal Employees and Contractors
PuTTY-CAC was an interesting, although imperfect solution to using PIV/CAC cards together with SSH. I remember piloting it from 2013-2014 at an agency. Back then, it was maintained by Dan Risacher[0]. Nowadays it is maintained on GitHub[1] and adopted some interesting features like FIDO.
[0] https://risacher.org/putty-cac/
[1] https://github.com/NoMoreFood/putty-cac
-
Unix sockets, Cygwin, SSH agents, and sadness
>so I've been working on extending our support for hardware-backed SSH certificates to Windows
Interesting work & I wish him luck. The ability to use hardware SSH certs on Windows has been around for at least a decade now, but it hasn't been a seamless experience.
The other attempt I'm aware of is PuTTY-CAC[0]. The issue with PuTTY-CAC is that the server still needs to be configured to check the certificate against CRLs & PKI infrastructure. Even without that, it is still used in security-conscious organizations, like the US Department of Veteran Affairs [1], for example.
[0] https://github.com/NoMoreFood/putty-cac
[1] https://www.oit.va.gov/Services/TRM/ToolPage.aspx?tid=8714#
- ssh client FIDO2
-
SSH from any computer using FIDO2 resident key, multiple keys and hosts.
Seem like a fork as FIDO Key signing but that's all (https://github.com/NoMoreFood/putty-cac/releases/tag/0.77)
-
Using Yubikey inside RDP Session (Terminal Server)
There is a GitHub Issue by me which may be interesting for you... it is about PuTTY CAC, but maybe you find some useful information in that too.
-
How to secure SSH for Remote connections
If you have smartcards or FIDO2 security keys (Yubikeys), consider using something like PuTTY CAC (https://github.com/NoMoreFood/putty-cac) to provide cheap and easy multi-factor authentication. With FIDO2, specifically, you can force the SSH server to only accept security keys by setting the only allowed authentication method to be [[email protected]](mailto:[email protected]).
-
I have a simple use case: windows ssh to Linux
2) Get an SSH client which works with Windows. I'd like to suggest or a fork based on "Putty SSH" ( https://www.putty.org/ ) called "Putty CAC" (SSH) which as of late May 2022 also supports FIDO2 keys ( citation: https://github.com/NoMoreFood/putty-cac/issues/57 ) ( Site for Putty CAC (ssh): https://github.com/NoMoreFood/putty-cac ) (unlike the main Putty SSH as of July 22, 2022)
-
Single SSH key-pair for my local machine and all my remote servers? Or a custom SSH key-pair for each remote server?
If you want to be safer, look into using WebAuthn/FIDO2 hardware token. OpenSSH supports them since version 8.2, and if you're on Windows, putty-cac added support in the last release.
-
PuTTY CAC (Free, Opensource) FIDO Changes: Help Needed
The development branch for PuTTY CAC that has the FIDO change can be found here.
-
Call For Testers: PuTTY CAC 0.77 Pre-Release (FIDO Support)
For several years, I've been the lead developer for a fork of PuTTY called PuTTY CAC that focuses on 2FA. In addition to utilizing certificate-bound keypairs (via Windows CAPI or a PKCS library), I've recently added support for FIDO2 keys using the WebAuthn functionality in Windows 10+. I tentatively plan on releasing these changes shortly after upstream PuTTY 0.77 is released. The development branch binaries can be found here: putty-cac/binaries at fido_dev_branch · NoMoreFood/putty-cac (github.com).
BorgBackup
-
Ask HN: Open-source Windows 11 backup solutions
i use - and recommend - "borgbackup": for example with the "vorta" graphical frontend
* https://www.borgbackup.org/
* https://vorta.borgbase.com/install/windows/
just my 0.02€
- I Backup
- Ask HN: For what purposes do you use a Raspberry Pi?
-
Duplicity
I used this many, many years ago but switched to Borg[0] about five years ago. Duplicity required full backups with incremental deltas, which meant my backups ended up using too much disk space. Borg lets you prune older backups at will, because of chunk tracking and deduplication there is no such thing as an incremental backup.
[0] https://www.borgbackup.org/
-
What do you use for VPS backup? Would improved borg setup - pull mode - be enough? Or, do you use something else?
Currently, I'm auto-backing it up with borg (push mode) through wireguard tunnel to NAS behind ISP's CGNAT. The borg takes care of deduplication in SQL file, so incremental update (even in append-only mode) is very small for PostgreSQL dump.
- Borg CVE fix requires migration
-
Kopia: Open-Source, Fast and Secure Open-Source Backup Software
Borg 2 has been in development for nearly a year and a half [1] and may probably be released early next year, i.e., early 2024 (just a guess, seeing that even RC1 is not yet released and seems to have a lot of work to be done).
Does anyone know how Borg 1.x and 2 would compare to Kopia?
[1]: https://github.com/borgbackup/borg/issues/6602
- Home backup solution?
-
disc space is not freeing
You could use borgbackup.
- My deduplication solution written in Rust beats everything else: casync, borg...
What are some alternatives?
interesting-keys - Interesting collected (leaked) encryption/decryption keys
Duplicati - Store securely encrypted backups in the cloud!
KiTTY - :computer: KiTTY, a free telnet/ssh client for Windows
Duplicity - Unnoficial fork of Duplicity - Bandwidth Efficient Encrypted Backup
win-gpg-agent - [DEPRECATED] Windows helpers for GnuPG tools suite
Rsnapshot - a tool for backing up your data using rsync (if you want to get help, use https://lists.sourceforge.net/lists/listinfo/rsnapshot-discuss)
hiba - HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of principals on pools of target hosts without the need to push customized authorized_users files periodically.
restic - Fast, secure, efficient backup program
OpenSC - Open source smart card tools and middleware. PKCS#11/MiniDriver/Tokend
TimeShift - System restore tool for Linux. Creates filesystem snapshots using rsync+hardlinks, or BTRFS snapshots. Supports scheduled snapshots, multiple backup levels, and exclude filters. Snapshots can be restored while system is running or from Live CD/USB.
WindTerm - A professional cross-platform SSH/Sftp/Shell/Telnet/Serial terminal.
UrBackup - UrBackup - Client/Server Open Source Network Backup for Windows, MacOS and Linux