InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now. Learn more →
Openssh-portable Alternatives
Similar projects and alternatives to openssh-portable
-
src
Read-only git conversion of OpenBSD's official CVS src repository. Pull requests not accepted - send diffs to the tech@ mailing list.
-
Stream
Stream - Scalable APIs for Chat, Feeds, Moderation, & Video. Stream helps developers build engaging apps that scale to millions with performant and flexible Chat, Feeds, Moderation, and Video APIs and SDKs powered by a global edge network and enterprise-grade infrastructure.
-
-
-
-
-
-
-
InfluxDB
InfluxDB – Built for High-Performance Time Series Workloads. InfluxDB 3 OSS is now GA. Transform, enrich, and act on time series data directly in the database. Automate critical tasks and eliminate the need to move data externally. Download now.
-
-
-
-
-
-
awesome-console-services
A curated list of awesome console services (reachable via HTTP, HTTPS and other network protocols)
-
spiped
Spiped is a utility for creating symmetrically encrypted and authenticated pipes between socket addresses.
-
-
-
mac-ssh-confirm
Protect against SSH Agent Hijacking on Mac OS X with the ability to confirm agent identities prior to each use
-
-
ssh3
SSH3: faster and rich secure shell using HTTP/3, checkout our article here: https://arxiv.org/abs/2312.08396 and our Internet-Draft: https://datatracker.ietf.org/doc/draft-michel-ssh3/
-
SaaSHub
SaaSHub - Software Alternatives and Reviews. SaaSHub helps you find the best software and product alternatives
openssh-portable discussion
openssh-portable reviews and mentions
-
20 years of Git. Still weird, still wonderful
Oh yeah, SSH signing is incredible. I've also migrated to it and didn't look back.
A couple of differences:
- it's possible to specify signing keys in a file inside the repository, and configure git to verify on merge (https://github.com/wiktor-k/ssh-signing/). I'm using that for my dot config repo to make sure I'm pulling only stuff I committed on my machines.
- SSH has TPM key support via PKCS11 or external agents, this makes it possible to easily roll out hardware backed keys
- SSH signatures have context separation, that is it's not possible to take your SSH commit signature and repurpose it (unlike OpenPGP)
- due to SSH keys being small the policy file is also small and readable, compare https://github.com/openssh/openssh-portable/blob/master/.git... with equivalent OpenPGP https://gitlab.com/sequoia-pgp/sequoia/-/blob/main/openpgp-p...
-
Debian opens a can of username worms
I wonder how this will affect ssh. OpenSSH recently restricted more characters for valid usernames: https://github.com/openssh/openssh-portable/commit/7ef3787c8...
-
RegreSSHion: RCE in OpenSSH's server, on glibc-based Linux systems
which lacks the #ifdef.
What could have prevented this? More eyes on the pull request? It's wild that software nearly the entire world relies on for secure access is maintained by seemingly just two people [2].
[1] https://github.com/openssh/openssh-portable/commit/752250caabda3dd24635503c4cd689b32a650794
- OpenSSH introduces options to penalize undesirable behavior
- OpenBSD – sshd(8) split into multiple binaries
-
New startup sells coffee through SSH and exclusively through SSH
Default for the last 24 years according to https://github.com/openssh/openssh-portable/blame/385ecb31e1...
-
Systemd Wants to Expand to Include a Sudo Replacement
They didn't need to use the library to make use of the systemd notify mechanism, which is simple to interface and quite a nice feature in the first place.
The free-standing implementation: https://github.com/openssh/openssh-portable/commit/08f579231...
-
Terrapin Attack for prefix injection in SSH
Unless I'm misunderstanding what this is about RFC5647 merely points out that the sequence number is included as AAD due to RFC4253 requirements. The [email protected] specification is not exactly the most rigorous thing I've ever seen (https://github.com/openssh/openssh-portable/blob/master/PROT...) but reading it, the sequence number is only included in the IV, and not as AAD, which directly runs afoul of the RFC4253 section 6.4 requirement for it to be included in the MAC.
- SSH3: SSH using HTTP/3 and QUIC
-
SSH keys stolen by stream of malicious PyPI and NPM packages
The key layout is described in https://github.com/openssh/openssh-portable/blob/master/PROT... and you can view it pretty easily via
cat private_key_here | head -n -1 | tail -n +2 | base64 -d | xxd
One I created in 2016 is using aes256-cbc with bcrypt for the kdf, which isn't awful at all.
-
A note from our sponsor - InfluxDB
www.influxdata.com | 20 Jul 2025
Stats
openssh/openssh-portable is an open source project licensed under GNU General Public License v3.0 or later which is an OSI approved license.
The primary programming language of openssh-portable is C.