570: RegreSSHion Strikes

2024/7/8

LINUX Unplugged

Frequently requested episodes will be transcribed first

We dig into the RegreSSHion bug, debate it's real threat and explore clever tools to build a tasty fried onion around your system.

Sponsored By:

Links:

💥 Gets Sats Quick and Easy with Strike)
📻 LINUX Unplugged on Fountain.FM)
Spokane Meetup - No-Li Brewhouse · JB Events on Gathio)
Plasma/Krunner Docs) — Brent's tip: 'https://search.nixos.org/options?query=\{@}' (the '{@}' is the magic sauce)
autossh) — Automatically restart SSH sessions and tunnels
autossh on GitHub)
Spokane Meetup) — No-Li Brewhouse, Sat, Jul 13, 2024, 4:00 PM
RegreSSHion) — Remote Code Execution Vulnerability In OpenSSH Server
regreSSHion) — Remote Unauthenticated Code Execution Vulnerability in OpenSSH server.
NixOS Security advisory: OpenSSH CVE-2024-6387 “regreSSHion” – update your servers ASAP)
Nasty regreSSHion bug affects around 700K Linux systems)
Qualys CVE-2024-6387 Write-up)
Letmein: Authenticating port knocker - Written in Rust) — Letmein is a simple port knocker with a simple and secure authentication mechanism. It can be used to harden against pre-authentication attacks on services like SSH, VPN, IMAP and many more.
fwknop: Single Packet Authorization > Port Knocking) — fwknop stands for the "FireWall KNock OPerator", and implements an authorization scheme called Single Packet Authorization (SPA). This method of authorization is based around a default-drop packet filter
Membership Summer Discount) — Take $1 a month of your membership for a lifetime!
Jeff links: How to run non-nix executables?)
pick: stu) — TUI (Terminal/Text UI) application for AWS S3