Category: OpenSSH
Adventures in NetBSD/amd64 10.0
When the harddrives in the oldest virtualization server at $WORK died, I was virtually left without any test systems running the other BSDs and some select Linux distros. We have another virtualization server with plenty of resources, and I decided to try NetBSD/amd64 10.0-RELEASE, build a few packages, and upgrade the VM to 10.0-STABLE.
Read More → Adventures in NetBSD/amd64 10.0Hardening OpenSSH 9.6/9.7 in FreeBSD
While following the suggestions of https://github.com/jtesta/ssh-audit/wiki/FreeBSD and security/py-ssh-audit 3.2.0, I figured it’s better to make adjustments to the startup script in libexec/rc/rc.d/sshd.
Read More → Hardening OpenSSH 9.6/9.7 in FreeBSDCisco IOS (XE) and OpenSSH 8.x
OpenSSH marches on and disables old and insecure algorithms. Sadly, Cisco IOS (XE) lags behind. Previously, I could do all scp operations from the cli in the switches. Now, I must do everything from the management station. For now, I can get by if I allow some of the older key exchange (key agreement) algorithms. […]
Read More → Cisco IOS (XE) and OpenSSH 8.xHardening OpenSSH using ssh-audit
I recently came across security/py-ssh-audit@py38. Wielding this tool showed a lot to be improved.
Read More → Hardening OpenSSH using ssh-audit