Entry 36594 (Berkeley CSUA MOTD)

Berkeley CSUA MOTD:Entry 36594

WIKI \| FAQ \| Tech FAQ
`http://csua.com/feed/`

2025/05/26 [General] UID:1000 Activity:popular

5/26

2005/3/9-10 [Computer/SW/Security, Computer/SW/OS/FreeBSD] UID:36594 Activity:nil

3/9     OpenSSH 4.0 is out:
        Announcement: http://tinyurl.com/5aea4
        Portable: http://www.openssh.com/portable.html
        OpenBSD: http://www.openssh.com/openbsd.html
        Nifty new feature is the connection multi-plexing.
        \_ What is that?
           \_ Once you start one connection to a remote system, other
              connections will use the same key pair so you don't have
              to pay the cost of a new DH exchange (at least this is
              the impression I got from reading the mailing list)

ERROR, url_link recursive (eces.Colorado.EDU/secure/mindterm2) 2025/05/26 [General] UID:1000 Activity:popular

5/26

You may also be interested in these entries...

2012/8/26-11/7 [Computer/SW/Security] UID:54465 Activity:nil

8/26    Poll: how many of you pub/priv key users: 1) use private keys that
        are not password protected 2) password protect your private keys
        but don't use ssh-agent 3) use ssh-agent:
        1) .
        2) ..
        3) ...
	...

2012/8/29-11/7 [Computer/SW/Security] UID:54467 Activity:nil

8/29    There was once a CSUA web page which runs an SSH client for logging
        on to soda.  Does that page still exist?  Can someone remind me of the
        URL please?  Thx.
        \_ what do you mean? instruction on how to ssh into soda?
           \_ No I think he means the ssh applet, which, iirc, was an applet
              that implemented an ssh v1 client.  I think this page went away
	...

2011/4/27-7/30 [Computer/SW/Security, Computer/SW/Unix] UID:54096 Activity:nil

4/28    Will wall be fixed?   - jsl
        \_ What's wall?
           \_ An anachronism from a bygone era, when computers were hard to
              comeby, the dorms didn't have net, there was no airbears, and
              when phones didn't come standard with twitter or sms.
           \_ A non useful implementation of twitter.
	...

2009/7/8-16 [Computer/SW/OS/Linux, Computer/SW/Unix] UID:53124 Activity:nil

7/7     what happened to our web presence? http://www.csua.berkeley.edu
        not working
    \_ That would be because we've yet to set them up afaik. Steven *does* have
    a job after all. The idea is that we want a separate computer mounting the
    web directories, so that if an exploit compromises the webserver, the shell
    server (soda) itself will be insulated from the attack.
	...

2009/6/29-7/3 [Computer/SW/Security] UID:53083 Activity:low 53%like:53089

6/28    Hello everyone,
Logins to soda are back open.  The new ssh key is
2048 4b:96:67:18:27:da:XX:XX:XX:XX:XX:XX:XX:XX:XX:XX
Please allow public key authentication since it is more secure
than plain password. Also if you see this posting, it means
anybody could have posted the annoucement.  Because  the
	...

2009/6/29-7/3 [Computer/SW/Security] UID:53089 Activity:nil 53%like:53083

6/29    Please allow public key authentication since it is more
        secure than plain password.  If you see this posting, it
        means anybody could have posted the annoucement.  Because
        the official csua web site is still down., this makes it a
        little suspicious to the truly paranoid.
        p.s.  this web entry format is counter intuitive.  And how come
	...

2009/2/10-13 [Computer/SW/Security, Computer/SW/Unix] UID:52552 Activity:nil

2/10    I have an sh file that does a mount.. the mount does an
        authentication. I previosly stored the username and password
        from zenity prompts. However, I can't get a return on the password
        field. The following only works on the username:
        mount -t davfs "http://blahblah.com/BLahUser11" /mountdir << EOF
        ${username}
	...

2009/1/15-23 [Computer/SW/Languages/Java, Computer/SW/Security] UID:52394 Activity:nil

1/15    http://cwe.mitre.org/top25
        2009 CWE/SANS Top 25 Most Dangerous Programming Errors
        \_ "Avoid inconsistent messaging that might accidentally tip off
           an attacker about internal state, such as whether a username
           is valid or not."  Really?  Fuck you buddy.  I don't always
           remember what my goddamn username was on your stupid fucking
	...

2009/5/4-6 [Computer/SW/OS/Linux, Computer/SW/OS/FreeBSD] UID:52939 Activity:moderate

5/4     I would appreciate a reliability ranking between:
        1) OpenBSD
        2) OpenSolaris
        3) FreeBSD
        4) Debian-Stable
        5) Suse Linux Enterprise Server
	...

2009/4/17-23 [Computer/SW/OS/FreeBSD] UID:52867 Activity:low

4/17    If you have a general access AssOS machines, this is worth
        taking this seriously. --psb
  http://c-skills.blogspot.com/2009/04/udev-trickery-cve-2009-1185-and-cve.html
        <DEAD>admin.fedoraproject.org/updates/udev-127-5.fc10<DEAD>
        \_ What does this have to do with MS Windows?
           \_ psb is a bsd lover.
	...

2008/12/10-16 [Computer/HW/CPU, Computer/HW/Drives] UID:52220 Activity:moderate

12/9    Another idea for the CSUA that lets you spend money and maybe get some
    cool toys. Instead of buying a beefy server (like say, a massive server
    with 20 386DX processors), buy a few cheap machines (like the ones
    mentioned below) that have good disks and work on failover / load
    balancing. A netscaler or other piece of hardware is complete overkill,
    but maybe hacking an OpenBSD box could do the trick. The idea is that
	...

2007/7/17 [Computer/SW/Languages/C_Cplusplus] UID:47312 Activity:nil

7/13    CSUA Life Roster
1 point each for:                                               key:
                significant other (out of county rule applies)   G
                car (Chevy Novas do count)                       C
                housing (dorms DO NOT count)                     H
                own computer running reasonable multi-tasking OS U
	...

2007/7/13-16 [Computer/Networking] UID:47279 Activity:nil

7/13    I'm thinking about getting a Soekris 4501 to replace my the P2-400
        that is currently acting as my home firewall. Has anyone used a
        Soekris system for this purpose? If so, how well does it work? Also,
        if there are any alternatives (similar power/form factor), I would
        appreciate links to those as well. tia.
        \_ John got me to use a WRAP box similar to Soekris.  I use this one:
	...

2007/3/15-17 [Computer/SW/OS/FreeBSD] UID:45977 Activity:nil

3/14    http://www.csua.org/u/i8o
        Remote exploit in OpenBSD kernel.  Security is hard.  And yes, it
        would be really difficult to exploit this in practice. -dans
	...

2007/3/13-14 [Computer/SW/OS/FreeBSD] UID:45949 Activity:nil

3/13    OpenBSD 4.1 preorder is up:
        http://www.openbsd.org/items.html#41
	...

2007/3/13-14 [Computer/SW/Security] UID:45950 Activity:nil

3/13    OpenSSH 4.6 is out:
        http://undeadly.org/cgi?action=article&sid=20070308183425
        Portable Version:
        ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-4.6p1.tar.gz
        OpenBSD Version:
        ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-4.6.tar.gz
	...

2006/11/8-9 [Computer/SW/Security] UID:45263 Activity:nil

11/8    OpenSSH 4.5 is out:
        http://www.openssh.org/txt/release-4.5
        ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-4.5.tar.gz
        ftp://ftp.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-4.5p1.tar.gz
	...

2006/9/27-28 [Computer/SW/OS/FreeBSD, Computer/SW/Security] UID:44580 Activity:nil

9/27    OpenSSH 4.4 is leftist
        http://www.openssh.org/txt/release-4.4
        OpenBSD src:
        http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-4.4.tar.gz
        OpenBSD src signature:
        http://ftp.openbsd.org/pub/OpenBSD/OpenSSH/openssh-4.4.tar.gz.asc
	...

2006/9/22-25 [Computer/SW/OS/FreeBSD] UID:44496 Activity:nil

9/22    OpenBSD 4.0 available for pre-order:
        http://www.openbsd.org/40.html
	...

2006/8/16-18 [Computer/SW/OS/FreeBSD] UID:44024 Activity:nil

8/16    Greatest piece of software ever written is 4.3 BSD:
        http://tinyurl.com/go7lv (informationweek.com)
        \_ Windows is run by more computers than all other OS combined.
           \_ that only makes it common, not great.
              \_ If it wasn't great people wouldn't use it.  They'd use 4.3
                 BSD.
	...

Cache (1591 bytes)

tinyurl.com/5aea4 -> marc.theaimsgroup.com/?l=openssh-unix-dev&m=111036822209550&w=2OpenSSH is a 100% complete SSH protocol version 13, 15 and 20 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support to the project, especially those who contributed source and bought T-shirts or posters. eu Changes since OpenSSH 39: ============================ * ssh now allows the optional specification of an address to bind to in port forwarding connections (local, remote and dynamic). Please refer to the documentation for the -L and -R options in the ssh manual page and the LocalForward and RemoteForward options in the ssh_config manpage. To allow client specified bind addresses for remote (-R) port forwardings, the server must be configured with "GatewayPorts clientspecified". This option improves user privacy by hiding which hosts have been visited. At present this option is off by default, but may be turned on once it receives sufficient testing. These are particularly useful for managing known_hosts files with hashed hostnames. Ther server will now warn in advance for both account and password expiry. Several bugs have been fixed and a new "command mode" has been added to allow the control of a running multiplexing master connection, including checking that it is up, determining its PID and asking it to exit. This prevents ssh from being unable to restore terminal modes (not normally a problem on OpenBSD but common with -Portable on POSIX platforms). Currently this is only for password, keyboard-interactive and challenge/response authentication methods and only on Linux and HP-UX.

Cache (1098 bytes)

www.openssh.com/portable.htmlOpenSSH Portable Release for Linux/Solaris/etc Portable OpenSSH Normal OpenSSH development produces a very small, secure, and easy to maintain version for the OpenBSD project. The OpenSSH Portability Team takes that pure version and adds portability code so that OpenSSH can run on many other operating systems Unfortunately, in particular since OpenSSH does authentication, it runs into a lot of differences between Unix operating systems. The portable OpenSSH follows development of the official version, but releases are not synchronized. The official OpenBSD source will never use the p suffix, but will instead increment the version number when they hit stable spots in their development. The following files describe the development efforts of the OpenSSH portability development team. Portability ChangeLog Installation instructions FAQ Daily snapshots are available in the snapshots/ directory on the mirror sites Developers Bleeding-edge nightly snapshots are available in the snapshots/ directory on the mirror sites . The portable releases of OpenSSH are also available by anonymous CVS.

Cache (365 bytes)

www.openssh.com/openbsd.htmlOpenSSH for OpenBSD OpenSSH for OpenBSD Since OpenSSH is developed by the OpenBSD group, OpenSSH is included in the base operating system, starting at OpenBSD release 26 So theres nothing to install or add to your system. However, due to newer features or other patches, you may wish to upgrade. You can download the current OpenSSH release from these ftp mirrors .