Tootfinder

Something on my #NixOS is starting `ssh-agent -s` (PID1) and it drives me mad because I can't find what it is. I use programs.ssh.startAgent=true, which sets the SSH_AUTH_SOCK=$XDG_RUNTIME_DIR/ssh-agent, which I want. In the dumb tty (CTRL ALT F2) I get that value. Interactively in XFCE I get SSH_AUTH_SOCK=~/.ssh/agent/*bla*, which I don't want. Gnome keyring is disabled, that gcr ssh thing…

It looks like JuiceSSH, my go-to SSH client on Android for over a decade, has been delisted. Requesting recommendations of a good replacement app!

Old enough to have done the migration from telnet to ssh, but only just.

ahh, the good old times before ssh and its smug encryption
https://www.openwall.com/lists/oss-security/2026/01/20/2

Today, I learned that emacs can access remote files:
/ssh:<host>:<path>
Why do I feel like I should have known this like thirty years ago?

Today I learned that you can restrict the permissions of an SSH key to just one single command. This is particularly useful if you are forced to use a passwordless key!
https://www.ssh.com/academy/ssh/authorized-keys-openssh#command="cmd"

Exosphere:
― aggregated patch and security update reporting
― basic system status across multiple Unix-like hosts via SSH
<https://exosphere.readthedocs.io/> | <

MaxAuthTries is lower than the number of keys loaded into your SSH agent and you get an authentication error even if you have the key loaded?
Do you use Bitwarden to store your keys and you don't want all of them to be always exposed?
Do you want a clear log of which application uses which key and when?
You could give this a spin: https://

Running legacy services directly on a public IP is a mess in 2026.
I've got a toy project listening on :23 (Telnet) and :22 (SSH), on a public IP. I've only shared this information with a few friends. Scanners are finding it.
I had to put a “enter nnnn at the prompt" on the Telnet port.
Tonight's new abuse: one SSH connection but MANY session channels within that connection, probing for accounts (on a system that is not serving login/shell on this ssh port)…

An alle #Linux #Admins 2-Faktor-Authentifizierung ist ja ein Ding. Macht man das auch für #ssh?

Legacy IRC Botnet Leverages Automated SSH Exploit Pipeline to Mass-Enroll Linux Hosts
Identified through data captured by our SSH honeypots over two months, this campaign represents a sophisticated blend of eras. It merges “old-school” Internet Relay Chat (IRC) botnet tactics from the late 2000s with modern, automated mass-compromise techniques.
🖥️ htt…

This is heresy; and moreover, it's gross and bad that anyone would want it
"I Cannot SSH Into My Server Anymore (And That’s Fine)" https://soap.coffee/~lthms/posts/i-cannot-ssh-into-my-server-anymore.html

When copying a directory recursively to another machine which runs ssh, do you…

Od jakiegoś czasu powoli migruje wszystko "do siebie". Wszystko, co mam w internecie, chciałbym móc czy to wystawiać na VPSie, czy nawet w przyszłości przenieść na swój własny serwer.

Ostatnio na tapetę wziąłem cały setup git'a, ale niee, nie mogłem zainstalować sobie Forgejo i mieć spokój.

Postanowiłem skonfigurować swoją mailing listę, aby cały setup był możliwie jak najmniejszy (jak teraz widzę nie najprostrzy). Bare repozytoria po ssh, cgit, mailing lista z serw…

Vor ein paar Tagen habe ich endlich mal Samba auf OpenMediaVault aktiviert und wollte es für Backups der Endgeräte nutzen. Aber ich konnte mich partout nicht anmelden.
Tja …
> Why the login keeps saying access denied? This is more likely caused by two things: […] Out of sync password in between linux and Samba. This is very rare but it has happened. Test in ssh the following [tt]smbpasswd username[/tt] enter password and try and login again
"Very rare", aber in…

How it started:
Too many authentication failures
How it's going:
create mode 120000 dotfiles/ssh/SHA256:APNBDduY7Wz2GYjHV9OJlRl4SegLIJinpdKwb7rqTSM.pub
create mode 100644 dotfiles/ssh/SHA256:PR6dOdv4BeIa_Bgln8GVISrgS2OPoC_S8ptW_x9_x_Y.pub
create mode 100644 dotfiles/ssh/SHA256:b9lcI3kl4Grt7_T8H463HD6vOIuc0DRn0KJOvtfZLgU.pub
create mode 100644 dotfiles/ssh/SHA256:oLXRyMj8qKf5eyHLADbSD8L-xNQrAq0QblnC8O0xu1M.pub
create mode 100644 dotfiles/ssh/SHA256:pnd4AkiTzyAifh3RI8hkPfgMNLBVoyz9MCJBWTYO1qE.pub

Guten Morgen ;D
Hab meinen freien Tag,. aber sitze hier mit grossen Schmerzen ;( Seis drum ..
#frage Kennt jemand einen SSH-Clienten, der bei Benutzung von SSH-Keys Hilfestellung gibt ?
Ich will nicht hören, das SSH-Keys sehr leicht sind, das man auch die Console nutzen kann.

from my link log —
snakes.run: rendering 100M pixels a second over ssh.
https://eieio.games/blog//blog/secure-massively-multiplayer-snake/
saved 2026-02-26

snakes.run: rendering 100M pixels a second over ssh · eieio.games
snakes.run is a massively multiplayer snake game that uses the Secure Snake Home (SSH) protocol. It can render 100M pixels a second.

Ik vind het zo leuk dat je NOS Teletekst ook via SSH kunt lezen!
Gewoon `ssh teletekst.nl` intypen in de terminal. Geniaal!
#nos #teletekst #ssh

Hab gerade angefangen Ghostty unter macOS lieb zu gewinnen, aber einen nervigen Bug entdeckt wenn Vim über SSH verwendet wird.
Die gute Nachricht: Es gibt wohl einen Fix.
Die schlechte Nachricht: Der Fix ist erst im kommenden Release, für das es noch keine geplante Veröffentlichung gibt :(
https://githu…

Running legacy services directly on a public IP is a mess in 2026.
I've got a toy project listening on :23 (Telnet) and :22 (SSH), on a public IP. I've only shared this information with a few friends. Scanners are finding it.
I had to put a “enter nnnn at the prompt" on the Telnet port.
Tonight's new abuse: one SSH connection but MANY session channels within that connection, probing for accounts (on a system that is not serving login/shell on this ssh port)…

RE: #xfce starting its own ssh-agent. It can be disabled like this (or via…

TIL: you can use age and ssh keys to encrypt/decrypt files
> RECIPIENT can be an age public key generated by age-keygen ("age1...")
or an SSH public key ("ssh-ed25519 AAAA...", "ssh-rsa AAAA...").
#age #security

I can't see my problem trying to connect from my #9front laptop to an #openSUSE PC via ssh. The ssh command returns a "read1: eof" error.
I regenerate the RSA key with a 4096 bytes size and that isn't the problem. 😞
I can connect from other OS to that computer. …

With Bitwarden, you can store your SSH keys and use the desktop app to expose a SSH agent socket.
Some SSH servers have a MaxAuthTries configured with a low value.
If you use a SSH agent loaded with more keys that the MaxAuthTries value, and the required key is not in the MaxAuthTries first tried keys, you get an authentication error.
In CLI, you just pop a new SSH agent, load it with the "only key you need" and off you go.
With Bitwarden, you cannot do that (I …

…dann schauen wir mal, warum der SBC im Netz zwar pingt, aber SSH verweigert. Serial to the rescue…

Telnet is a remote login protocol that became obsolete in 1995 when SSH became available because SSH offers transport encryption while telnet does not.
Those who kept a telnetd running for whatever reason (and did not hide it behind a firewall) have had a root backdoor for the last ten years.
The telnetd server invokes /usr/bin/login (normally running as root) passing the value of the USE…

#socialcoop So our Meet.Coop instance has been down for 3 weeks, and from what I see on https://forum.meet.coop/t/meet-coop-update-october-2025/1739/47, it's not clear w…

Meet.coop update October 2025
Me and Nick worked on the servers again today. Everything me and Nick have access to is now backed up now using encrypted backups (Restic and Borgbase). For anyone wondering this is the current plan with recordings: Can I recover my recordings despite service being down? - #3 by kawaiipunk Unfortunately we still don’t have all the access we need to complete our work. We are still missing: ssh/root access to ca.meet.coop Keycloak sso.meet.coop master realm access Hetzner account access - f…

I have a test case for libscopehal that has recently started failing in the GitHub CI environment with a SIGSEGV.
The same test, run on any of my machines, passes even when run under asan.
Anybody have ideas on how to debug? The limited visibility into the CI environment is annoying, I can't like ssh in and run gdb or something.

#Swift Concurrency as a call-out feature makes my inner engineer happy.
(Also, super interesting idea; shared with me by @… )
https://…

✅ Immediate action required: Update to GNU Inetutils 2.8 or migrate to #SSH for secure remote access
https://nvd.nist.gov/vuln/detail/CVE-2026-24061

Many #Terraform providers using SSH do not check the SSH host key... they just run with ssh.InsecureIgnoreHostKey...
And to be honest, it is partly the fault of the SSH standard library which makes it super easy to ignore the host key and does not provide any useful builtin key verification function. People are lazy. ssh.FixedHostKey is niche.
So I implemented a small library to v…

sshhostkey
Provides a SSH HostKeyCallback builder to check keys with known_hosts files, entries or SSHFP (over classic DNS, DoT and DoH)

from my link log —
SSH has no Host header: virtual hosting based on user public keys.
https://blog.exe.dev/ssh-host-header
saved 2026-01-22 https://

I had some weird ass Jellyfin issues so I tried to log into my NAS with the web interface to check on it and could not... so I SSH'd into it to do a reboot and somehow instead rebooted the computer I was sitting at. Went to a different computer to try and that one was powered off. Went back to the one I rebooted on accident and it didn't reboot so I started it up. Went back to the other one and it was up so I used that one.
Self hosting puts you in control.

ssh tiny.christmas

lovely Christmas server by @… and shared by @…

Ooh oooooo! So close, and yet nada. Booted out at the last second. BUT, I feel like i am on the cusp of making this work...
PS C:\Users\user> ssh user1@10.64.34.200
Use the password for your Office 365 or Microsoft online login.
(user1@10.64.34.200) Entra Id Password:
Open your Authenticator app, and enter the number '60' to sign in.
No push? Check your mobile device's internet connection.
Connection closed by 10.64.34.200 port 22
PS C:…

Just ran a successful non-interactive build and test cycle of ngscopeclient in a Debian VM with a PCIe passthrough GPU.
Just start the VM from the snapshot, paste a handful of shell commands into a SSH session, and I get this.
Still need to work out how to actually spawn the VM, specify the hash I want to build, shut it down and revert when done, etc.
Took only three and a half minutes on this instance (16GB RAM, 16 vCPU, GTX 1630) which is pretty decent considering there w…

- ¿Y qué tal te lo has pasado esta tarde?
- Super bien, he estado depurando conexiones ssh a dos servidores y leyendo código fuente en C para encontrar un problema y lo he arreglado
- ....
- Ke?

Checking out, before cooking, that guide by @… .Installing VoidLinux, zfs, encryption and hibernation. Gonna follow all those steps meticioulsy., but not today.
It is no surprise ssh works ootb on Slackware.
Pots and pans are calling, happy xmas all!!

🖥️ Less relevant for server environments using SSH keys – primarily affects desktop users
https://www.heise.de/en/news/sudo-rs-shows-password-asterisks-by-default-break-with-Unix-tradition-11193037.html

sh is not a shell
SSH is not a protocol

Poszło od ręki - niesamowity ten nixos-anywhere... Cały system przekonwertowany od tak, zero USB, żadnego piKVM, nic. Cała konwersja po SSH z partycjonowaniem i postawieniem dosłownie wszystkich serwisów 1-1 co miałem przetestowane na vmce. Jedna komenda, kilka minut i wszystko od A-Z od filesystemu, użytkowników, wszystkich narzędzi, wszystkie serwisy, dosłownie wszystko postawione ot, tak...

Teraz tylko skopiowanie ~7.5TB danych przez pewnie całą noc i po sprawie.

0 Ansiblea, 0…

Ich hatte nicht auf meiner sprichwörtlichen Bingo-Karte, dass die Vermenschlichung der Maschine dadurch passiert, dass claude mich über ssh auf meinem Handy fragt, wie der Beweis weiter geht...
Das ist erschreckend ähnlich zu Nachrichten die ich mir mit Menschen so schicke.

from my link log —
soft-serve: a self-hostable git ssh server for the command line.
https://github.com/charmbracelet/soft-serve
saved 2026-02-26 https://

GitHub - charmbracelet/soft-serve: The mighty, self-hostable Git server for the command line🍦
The mighty, self-hostable Git server for the command line🍦 - charmbracelet/soft-serve

Ugh, my personal git server uses a pre-2022 version of sshd - and now, when I do anything, I get a warning that I'm not using post-quantum keys.
We should be moving to PQ methods, yes, but I don't think anyone will convince me that mass "store now, decrypt later" quantum attacks will ever really be a thing - the opportunity cost will always be too high.
This is a VPN-advert level of unnecessary caution.
(You can set "LogLevel ERROR" in an ssh_con…

FYI all, portainer is giving away 3 node business licenses. #kubernetes support since the last time I visited their site, so I'm interested in checking how well that interacts with #talos.
Some of my #homelab machines currently just run a few containers in #docker_compose stacks for services my #homeassistant server is using like node red and I've been using #portainer for simple things like checking status or restarting things without having to ssh into those workers. Most of those containers are going to get migrated into my #k8s cluster, so it'll be interesting to see how well it works as a quick web interface.
@…

Okay, I think this thing is ready-enough to tell people about it.
I made a #BBS to watch aircraft near #YUL (#Montreal airport), through my home #ADSB