The Wiert Corner – irregular stream of stuff

Jeroen W. Pluimers on .NET, C#, Delphi, databases, and personal interests

  • My badges

    Mastodon

  • Twitter Updates

  • My Flickr Stream

    20140508-Delphi-2007--Project-Options--Cannot-Edit-Application-Title-HelpFile-Icon-Theming20140430-Fiddler-Filter-Actions-Button-Run-Filterset-now20140424-VMware-Fusion-6.0.3.-no-reclaimable
    More Photos

  • Pages

  • All categories

  • Enter your email address to subscribe to this blog and receive notifications of new posts by email.

    Join 1,860 other subscribers

Archive for the ‘OpenSSH’ Category

Tribal Knowledge? Getting the public keys from github and gitlab users from their username

Posted by jpluimers on 2025/04/03

Learned a while ago: if you have the username from a GitHub or GitLab user, you can download interesting that sometimes can make life easier (but not necessarily more secure):

  • github.com/username.keys gives you their public SSH keys
  • gitlab.com/username.keys gives you their public SSH keys
  • github.com/username.png gives you their profile image

And that there are tools like gh, glab and age that can make direct use of them.

I love Twitter, so thanks for these for teaching me these little tricks:

Read the rest of this entry »

Posted in *nix, *nix-tools, ArchiveTeamWarrior, Conference Topics, Conferences, Development, Event, GitHub, GitLab, Internet, InternetArchive, OpenSSH, Power User, Software Development, Source Code Management, SSH, ssh/sshd, WayBack machine | Tagged: , | Leave a Comment »

5 days after the exploit publication of snowcra5h/CVE-2023-38408: Remote Code Execution in OpenSSH’s forwarded ssh-agent

Posted by jpluimers on 2023/07/26

TL;DR is at the bottom (;

5 days ago this exploit development got published: [Wayback/Archive] snowcra5h/CVE-2023-38408: CVE-2023-38408 Remote Code Execution in OpenSSH’s forwarded ssh-agent.

It is about [Wayback/Archive] NVD – CVE-2023-38408 which there at NIST isn’t rated (yet?), neither at [Wayback/Archive] CVE-2023-38408 : The PKCS#11 feature in ssh-agent in OpenSSH before 9.3p2 has an insufficiently trustworthy search path, leading to remot.

However at [Wayback/Archive] CVE-2023-38408- Red Hat Customer Portal it scores 7.3 and [Wayback/Archive] CVE-2023-38408 | SUSE it did get a rating of 7.5, so since I mainly use OpenSuSE I wondered what to do as the CVE is formulated densely at [Wayback/Archive] www.qualys.com/2023/07/19/cve-2023-38408/rce-openssh-forwarded-ssh-agent.txt: it mentions Alice, but no Bob or Mallory (see Alice and Bob – Wikipedia).

Luckily, others readly already did the fine reading and emphasised the important bits, especially at [Wayback/Archive] RCE Vulnerability in OpenSSH’s SSH-Agent Forwarding: CVE-2023-38408 (note that instead of Alex, they actually mean Alice)

“A system administrator (Alice) runs SSH-agent on her local workstation, connects to a remote server with ssh, and enables SSH-agent forwarding with the -A or ForwardAgent option, thus making her SSH-agent (which is running on her local workstation) reachable from the remote server.”

According to researchers from Qualys, a remote attacker who has control of the host, which Alex has connected to, can load (dlopen()) and immediately unload (dlclose()) any shared library in /usr/lib* on Alice’s workstation (via her forwarded SSH-agent if it is compiled with ENABLE_PKCS11, which is the default).

The vulnerability lies in how SSH-agent handles forwarded shared libraries. When SSH-agent is compiled with ENABLE_PKCS11 (the default configuration), it forwards shared libraries from the user’s local workstation to the remote server. These libraries are loaded (dlopen()) and immediately unloaded (dlclose()) on the user’s workstation. The problem arises because certain shared libraries have side effects when loaded and unloaded, which can be exploited by an attacker who gains access to the remote server where SSH-agent is forwarded to.

Mitigations for the SSH-Agent Forwarding RCE Vulnerability

Read the rest of this entry »

Posted in *nix, *nix-tools, bash, bash, Communications Development, Development, Internet protocol suite, OpenSSH, Power User, PowerShell, Scripting, Security, Software Development, SSH | Leave a Comment »

Different ways for installing Windows features on the command line – Peter Hahndorf

Posted by jpluimers on 2023/06/02

If course you can configure Windows Optional Features using the GUI as for instance explained at [Wayback/Archive] How to manage Windows 10’s many ‘optional features | Windows Central.

However, I prefer command-line management.

About the only post doing the comparison of command-line mangement options I could find about is [Wayback/Archive] Different ways for installing Windows features on the command line – Peter Hahndorf and hopefully will be further updated in the future. It is dated 2015, but has been updated until at least Windows Server Nano.

I added one, and then rewrote the tool-set availability table in the post into this:

Read the rest of this entry »

Posted in Communications Development, Development, Internet protocol suite, Microsoft Store, OpenSSH, Power User, SSH, TCP, Windows, Windows 10, Windows 11, Windows 7, Windows 8, Windows 8.1, Windows Server 2008, Windows Server 2008 R2, Windows Server 2012, Windows Server 2012 R2, Windows Server 2016, Windows Vista | Leave a Comment »

Installing Windows OpenSSH from the command-line on Windows 10 and 11

Posted by jpluimers on 2023/03/28

While writing On my reading list: Windows Console and PTY, I found out that OpenSSH had become available as an optional Windows feature.

It was in [Wayback/Archive.is] Windows Command-Line: Introducing the Windows Pseudo Console (ConPTY) | Windows Command Line:

Thankfully, OpenSSH was recently ported to Windows and added as a Windows 10 optional feature. PowerShell Core has also adopted ssh as one of its supported PowerShell Core Remoting protocols.

Here are a few links:

Read the rest of this entry »

Posted in *nix, *nix-tools, Communications Development, ConPTY, Console (command prompt window), Development, Internet protocol suite, OpenSSH, Power User, SSH, ssh/sshd, TCP, Windows, Windows 10, Windows 11 | Leave a Comment »

OpenSSH scp has defaulted to the SFTP protocol for some 9 months now

Posted by jpluimers on 2022/05/25

Since I will be bitten by this someday, here the september 2021 observation that [Wayback] By default, scp(1) now uses SFTP protocol.

The original scp/rcp protocol remains available via the -O flag.

It refers to the august 2021 announcement in the [Wayback] OpenSSH: Release Notes – OpenSSH 8.7/8.7p1 (2021-08-20) that scp supported SFTP (like the sftp tool) and that it would become default soon:

Read the rest of this entry »

Posted in *nix, *nix-tools, Communications Development, Development, Internet protocol suite, OpenSSH, Power User, rsync, scp, SFTP, SSH, TCP | Leave a Comment »