@rollin_rob@social.linux.pizzaToday I learned that you can restrict the permissions of an SSH key to just one single command. This is particularly useful if you are forced to use a passwordless key!
https://www.ssh.com/academy/ssh/authorized-keys-openssh#command="cmd"
@gse@norden.socialGuten Morgen ;D
Hab meinen freien Tag,. aber sitze hier mit grossen Schmerzen ;( Seis drum ..
#frage Kennt jemand einen SSH-Clienten, der bei Benutzung von SSH-Keys Hilfestellung gibt ?
Ich will nicht hören, das SSH-Keys sehr leicht sind, das man auch die Console nutzen kann.
@x_cli@infosec.exchangeMany #Terraform providers using SSH do not check the SSH host key... they just run with ssh.InsecureIgnoreHostKey...
And to be honest, it is partly the fault of the SSH standard library which makes it super easy to ignore the host key and does not provide any useful builtin key verification function. People are lazy. ssh.FixedHostKey is niche.
So I implemented a small library to v…
@gwire@mastodon.socialUgh, my personal git server uses a pre-2022 version of sshd - and now, when I do anything, I get a warning that I'm not using post-quantum keys.
We should be moving to PQ methods, yes, but I don't think anyone will convince me that mass "store now, decrypt later" quantum attacks will ever really be a thing - the opportunity cost will always be too high.
This is a VPN-advert level of unnecessary caution.
(You can set "LogLevel ERROR" in an ssh_con…
