Linux Journal

Securing OpenSSH

If you are a systems administrator of one or more Linux/UNIX systems, OpenSSH is likely one of the most important tools in your toolbox. OpenSSH can be used interactively or embedded in scripts to ...
WeLiveSecurity

An In-depth Analysis of Linux/Ebury

In this blog post, we provide an in-depth analysis of Linux/Ebury - the most sophisticated Linux backdoor ever seen by our researchers. It is built to steal OpenSSH credentials and maintain access to ...
Simon Fraser University

[linux-security] Weaknesses in the SSH protocol

Topic ===== Possible to determine password length Problem description ===== Weaknesses in the SSH protocols can be used by a passive attacker to deduce information about passwords entered over an ...
Simon Fraser University

[linux-security] Alert: remote root exploit in openssh daemon

Topic ===== remote root exploit in ssh daemon Problem Description ===== There are two related vulnerabilities in the challenge response handling code in OpenSSH versions 2.3.1p1 through 3.3. They may ...
ITWire

iTWire - Life in the trenches: an OpenSSH developer speaks

There was a version of SSH available at the time, put out by a Finnish developer named Tatu Ylonen, but the licensing terms were rather restrictive. "It was initially a kind of permissive licence ...