RegreSSHion Strikes | LINUX Unplugged 570
MP3•Episode home
Manage episode 427816311 series 3538723
Content provided by Jupiter Broadcasting. All podcast content including episodes, graphics, and podcast descriptions are uploaded and provided directly by Jupiter Broadcasting or their podcast platform partner. If you believe someone is using your copyrighted work without your permission, you can follow the process outlined here https://player.fm/legal.
We dig into the RegreSSHion bug, debate it's real threat and explore clever tools to build a tasty fried onion around your system.
Sponsored By:
- Core Contributor Membership: Take $1 a month of your membership for a lifetime!
- Tailscale: Tailscale is a programmable networking software that is private and secure by default - get it free on up to 100 devices!
- 1Password Extended Access Management: 1Password Extended Access Management is a device trust solution for companies with Okta, and they ensure that if a device isn't trusted and secure, it can't log into your cloud apps.
Links:
- 💥 Gets Sats Quick and Easy with Strike
- 📻 LINUX Unplugged on Fountain.FM
- Spokane Meetup - No-Li Brewhouse · JB Events on Gathio
- Plasma/Krunner Docs — Brent's tip: 'https://search.nixos.org/options?query={@}' (the '{@}' is the magic sauce)
- autossh — Automatically restart SSH sessions and tunnels
- autossh on GitHub
- Spokane Meetup — No-Li Brewhouse, Sat, Jul 13, 2024, 4:00 PM
- RegreSSHion — Remote Code Execution Vulnerability In OpenSSH Server
- regreSSHion — Remote Unauthenticated Code Execution Vulnerability in OpenSSH server.
- NixOS Security advisory: OpenSSH CVE-2024-6387 “regreSSHion” – update your servers ASAP
- Nasty regreSSHion bug affects around 700K Linux systems
- Qualys CVE-2024-6387 Write-up
- Letmein: Authenticating port knocker - Written in Rust — Letmein is a simple port knocker with a simple and secure authentication mechanism. It can be used to harden against pre-authentication attacks on services like SSH, VPN, IMAP and many more.
- fwknop: Single Packet Authorization > Port Knocking — fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter
- Membership Summer Discount — Take $1 a month of your membership for a lifetime!
- Jeff links: How to run non-nix executables?
- pick: stu — TUI (Terminal/Text UI) application for AWS S3
1488 episodes