
yep, legacy tru64, aix, solaris. big issue is ssh encryption.



SSH has included file encryption for a few versions now, and iirc supports yubikeys — probably would be more useful a backend than age.

Another way I'm feeling old... I remember back when OpenSSH was just a plucky upstart implementation of SSH.

I meant the protocol, not the program. A secure shell is still useful, but the old protocol is like a unix neckbeard that doesn't wanna learn containers. (And while we're on the subject, SSHD should support an HTTPS port and either serve a javascript client or accept websocket connections, because it is 2023 and that's what everyone wants anyway)

That is great! I thought Big Sur had deprecated kernel extensions which would prevent osxfuse and sshfs from working.

Also any proprietary/ancient SSH implementation only supporting RSA that you'll find in all kinds of boxes.

It looks to me like it's Samba-based. I'm poking around with it to see if we can get linux machines to use it for ssh auth.

25 years ago I was using an Amiga 3000 with a 25 MHz 68030 CPU and 8 MB of RAM. It feels pretty distant to me. A lot has changed in that time.

And, OpenSSH isn't even 20 years old, so it's actually not been that long. SSH was 1995, that's probably the beginning of the ssh epoch and the beginning of the end of the rsh age.


that's awesome. i recently built an ssh management interface using some of the same libraries, i'll be sure to check it out.

Oh btw the go SSH lib being old thing has been fixed for a while now.

Interestingly, I switched from synergy to a self-made ssh+x2x wrapper. Two reasons:

1. Ease of install; and 2. Backwards compatibility (Ubuntu 14.04's synergy just couldn't work with Arch's)


So is this just the PuTTY VT/ssh under the hood?

While I'm wary to start with, I'd probably be even warier if it weren't.


A clever hacker has gone and ported a modern SSL library to System 7, plus SSH [1]. Runs on a 68030+ Mac. OpenTransport, not MacTCP. And I imagine key exchange takes a few minutes... but yeah, you can ssh into a contemporary machine over the open Internet using a Mac SE/30 under System 7. (You could also just run NetBSD on the thing and run an entirely modern stack, in theory. The SE/30 can take 128 MB of RAM. It's one of the oldest machines out there that can run a current operating system! Though I'm unsure whether Firefox would finish loading before the heat death of the universe.)

[1] https://github.com/cy384/ssheven


Nope! Ed25519 is great and honestly I think the compatibility concerns are overblown. It was introduced in 2014. If you are running four year old SSH you have other problems, like probably RHEL or some nonsense.

That said: Ed25519 is a local optimum: the bigger win is to not have long-held credentials at all, and instead use an SSH CA or something like Gravitational Teleport. Doesn't work for GitHub though.


Yeah, I've got that too. Why I looked into that version of OpenSSH.

Still looking for a stable SSH daemon for Windows, because I haven't found one yet, which makes any time I need to work from Windows a real pain.


This would be great if they implement an SSH server, but I'm guessing the shell it connects to is PowerShell, rather than a sh derivative, so many tools may not work with it?

Yeah old switches, BMCs, and other embedded SSH servers often use it. Really that stuff is too old to be using in a production environment but sometimes reality is different.

Keep an older release of openssh if you need it for those. No sense keeping obsolete code for obsolete use cases in the codebase, it's a maintenance and testing headache and a security risk.


Thanks! It doesn’t look very promising! SSH is already PQ-secure.

You are correct about the libraries not supporting modern ssh :)

I ran a bunch of honeypots for a while and grabbed hassh (like ja3 but for ssh) signatures, most bots are using old fucking libssh/libssh2/paramiko that simply can't talk to modern hosts.


No, I was indeed referring to OpenSSH which has had its share of security vulnerabilities too.