Ars Technica

ssh on debian

OK, I give up, so here goes:<P>I had a server with sshd default install in red hat. I could ssh to it from both my internal network and from outside through my router.<P>I switched to Debian, and I ...
Threat Post

Audit of GitHub SSH Keys Finds Many Still Vulnerable to Old Debian Bug

An audit of the SSH keys associated with more than a million GitHub accounts shows that some users have weak, easily factorable keys and many more are using keys that are still vulnerable to the ...
ITWire

iTWire - Debian's worst nightmare - and how it came about

Russell, who is well known for his work on the security-enhanced Linux project, said the new Debian OpenSSH packages would check for and reject broken keys. "I am not aware of other distributions ...
InfoQ

GitHub Revoked Compromised and Unsecure SSH Keys

A monthly overview of things you need to know as an architect or aspiring architect. Unlock the full InfoQ experience by logging in! Stay updated with your favorite authors and topics, engage with ...
CSOonline

OpenSSH vulnerability regreSSHion puts millions of servers at risk

Researchers have uncovered a serious remote code execution vulnerability in the Open Secure Shell (OpenSSH) server that could let unauthenticated attackers obtain a root shell on servers and take them ...
heise online

RegreSSHion: Security gap in OpenSSH gives patient attackers root rights

Security researchers have revived an almost twenty-year-old vulnerability in the OpenSSH server and were able to use it to gain root privileges. During their research, they were able to develop a ...