Soliman Hindy<p>OpenSSH Config Tags How To</p><p><a href="https://mrod.space/2023/09/04/using-tags-in-ssh-config" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">mrod.space/2023/09/04/using-ta</span><span class="invisible">gs-in-ssh-config</span></a></p><p>To be honest I did not know tags existed in <a href="https://mastodon.lovetux.net/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a></p>
Recent searches
No recent searches
Search options
Only available when logged in.
shakedown.social is one of the many independent Mastodon servers you can use to participate in the fediverse.
A community for live music fans with roots in the jam scene. Shakedown Social is run by a team of volunteers (led by @clifff and @sethadam1) and funded by donations.
Administered by:
Server stats:
243active users
shakedown.social: About · Status · Profiles directory · Privacy policy
Mastodon: About · Get the app · Keyboard shortcuts · View source code · v4.3.7
#openssh
1 post · 1 participant · 0 posts today
Dave Polaschek (he/him)<p>I'm looking to hook up PerSourcePenalties in the sshd_config on my VPS, and can't find any examples of using them out there. They're a new-ish feature, so I wonder if anyone's an expert yet besides <span class="h-card" translate="no"><a href="https://cybervillains.com/@djm" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>djm</span></a></span>.</p><p>Specifically, I'm getting a lot of attempted password logins on a system where "PasswordAuthentication no" is set, and I see five door-knocks from each IP before they get punted. Would rather have that kick in more quickly to keep the logs less cluttered.</p><p><a href="https://writing.exchange/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenBSD</span></a> <a href="https://writing.exchange/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a></p>
Marcus Adams<p>If you're on <a href="https://mastodon.social/tags/Debian" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Debian</span></a> stable but would like a PQ key exchange algorithm on your SSH service, <a href="https://mastodon.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> 10 is available in the Bookworm backports with the following release notes.</p><p><a href="https://mastodon.social/tags/Security" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Security</span></a> <a href="https://mastodon.social/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberSecurity</span></a> <a href="https://mastodon.social/tags/Quantum" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Quantum</span></a></p>
nixCraft 🐧<p>Multiplexing will boost your SSH connectivity or speed by reusing existing TCP connections to a remote host. Here are commands that you can use to control multiplexing when using OpenSSH server or client on your Linux, macOS, FreeBSD or Unix-like systems. Not sure what SSH multiplexing is? Learn how to set it up and use it to speed up your SSH sessions with our handy guide: <a href="https://www.cyberciti.biz/faq/ssh-multiplexing-control-command-to-check-forward-list-cancel-stop-connections/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cyberciti.biz/faq/ssh-multiple</span><span class="invisible">xing-control-command-to-check-forward-list-cancel-stop-connections/</span></a></p><p><a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://mastodon.social/tags/unix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>unix</span></a> <a href="https://mastodon.social/tags/freebsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>freebsd</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> <a href="https://mastodon.social/tags/macos" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>macos</span></a></p>
r1w1s1<a href="https://snac.bsd.cafe?t=openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#openssh</a> is the best tool for admin bsd and linux box.<br>
Bryan Steele :flan_beard:<p>A very welcome change in <a href="https://bsd.network/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenBSD</span></a> -current that impacts software which restrict filesystem access with unveil(2), but permit access to /tmp (like web browsers). :flan_thumbs:</p><p>ssh-agent(1) listener sockets and forwarded sockets in sshd(8) will now be under ~/.ssh/agent instead.</p><blockquote><p>djm@ modified src/usr.bin/ssh/*: Move agent listener sockets from /tmp to under ~/.ssh/agent for both ssh-agent(1) and forwarded sockets in sshd(8).</p><p>This ensures processes (such as Firefox) that have restricted filesystem access that includes /tmp (via unveil(3)) do not have the ability to use keys in an agent.</p><p>Moving the default directory has the consequence that the OS will no longer clean up stale agent sockets, so ssh-agent now gains this<br>ability.</p><p>To support $HOME on NFS, the socket path includes a truncated hash of the hostname. ssh-agent will by default only clean up sockets from the same hostname.</p><p>ssh-agent gains some new flags: -U suppresses the automatic cleanup of stale sockets when it starts. -u forces a cleanup without keeping a running agent, -uu forces a cleanup that ignores the hostname. -T makes ssh-agent put the socket back in /tmp.</p><p>feedback deraadt@ naddy@<br>doitdoitdoit deraadt@</p></blockquote><p><a href="https://bsd.network/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a></p>
Kevin Lyda<p>OK, this is a thing I didn't know. In <a href="https://mastodon.ie/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> config files, the first mention wins, not the last.</p><p>The overrides in the .d directories are included *first* (normally this happens last - see nginx, sudo, etc) which is how they override things.</p><p><a href="https://utcc.utoronto.ca/~cks/space/blog/sysadmin/OpenSSHConfigOrderMatters" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">utcc.utoronto.ca/~cks/space/bl</span><span class="invisible">og/sysadmin/OpenSSHConfigOrderMatters</span></a></p>
nixCraft 🐧<p>OpenSSH 10.0/10.0p2 released <a href="https://www.openssh.com/releasenotes.html#10.0p1" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">openssh.com/releasenotes.html#</span><span class="invisible">10.0p1</span></a></p><p><a href="https://mastodon.social/tags/unix" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>unix</span></a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> <a href="https://mastodon.social/tags/linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>linux</span></a> <a href="https://mastodon.social/tags/opensource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>opensource</span></a></p>
Parade du Grotesque 💀<p>Also: <a href="https://mastodon.sdf.org/tags/Slackware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Slackware</span></a> 15 has a security update for Python3:</p><p><a href="http://www.slackware.com/security/viewer.php?l=slackware-security&y=2025&m=slackware-security.326755" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">http://www.</span><span class="ellipsis">slackware.com/security/viewer.</span><span class="invisible">php?l=slackware-security&y=2025&m=slackware-security.326755</span></a></p><p>Slackware-current just adopted <a href="https://mastodon.sdf.org/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> 10.0.p1 & <a href="https://mastodon.sdf.org/tags/OpenSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSL</span></a> 3.5</p><p>n/openssh-10.0p1-x86_64-1.txz: Upgraded. Potentially-incompatible changes include the removal of the weak DSA signature algorithm, completing the deprecation process that began in 2015 (when DSA was disabled by default) and repeatedly warned over the last 12 months.</p><p>n/openssl-3.5.0-x86_64-1.txz: Upgraded. New LTS release, supported until 08 Apr 2030.</p>
Edwin G. :mapleleafroundel:<p>Portable OpenSSH 10.0p1 will not exist. It will be known as OpenSSH 10.0p2.</p><p><a href="https://lists.mindrot.org/pipermail/openssh-unix-announce/2025-April/000163.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">lists.mindrot.org/pipermail/op</span><span class="invisible">enssh-unix-announce/2025-April/000163.html</span></a><br>- - -<br>OpenSSH portable 10.0p1 n’existera pas. Ce sera connue comme OpenSSH 10.0p2. </p><p>// Publication en anglais //</p><p><a href="https://mstdn.moimeme.ca/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> <a href="https://mstdn.moimeme.ca/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a></p>
Raven<p>OpenSSH 10.0 released with hybrid post-quantum algorithm mlkem768x25519-sha256 as default key agreement, new cipher preference list, new options, bug fixes</p><p><a href="https://www.openssh.com/releasenotes.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">openssh.com/releasenotes.html</span><span class="invisible"></span></a></p><p><a href="https://mastodon.bsd.cafe/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> <a href="https://mastodon.bsd.cafe/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openbsd</span></a> <a href="https://mastodon.bsd.cafe/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.bsd.cafe/tags/secureshell" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>secureshell</span></a> <a href="https://mastodon.bsd.cafe/tags/postquantumcryptography" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>postquantumcryptography</span></a></p>
Bryan Steele :flan_beard:<p><a href="https://bsd.network/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> 10.0 release notes: <a href="https://www.openssh.com/txt/release-10.0" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="">openssh.com/txt/release-10.0</span><span class="invisible"></span></a></p><p>In addition to removing DSA, this splits the user authentication code from the sshd-session binary into a separate sshd-auth binary. Also only <a href="https://bsd.network/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenBSD</span></a>, this new sshd-authd is relinked on boot, just like sshd-session & sshd.</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://infosec.exchange/@JessTheUnstill" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>JessTheUnstill</span></a></span> <span class="h-card" translate="no"><a href="https://infosec.exchange/@Pibble" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>Pibble</span></a></span><br><br>And yes, I treat all devices as insecure and would rather invest the time and effort needed get <a href="https://infosec.space/tags/TechIlliterates" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TechIlliterates</span></a> up to speed on the <a href="https://infosec.space/tags/OfflinePGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OfflinePGP</span></a> <a href="https://www.youtube.com/watch?v=vdab4T_CoN8" rel="nofollow noopener noreferrer" target="_blank">method!</a></p><ul><li>Sounds cumbersome, but when your threat model literally goes against the #1 <a href="https://infosec.space/tags/Hacking" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Hacking</span></a> <a href="https://infosec.space/tags/Regime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Regime</span></a> (<a href="https://infosec.space/tags/USA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>USA</span></a>) with more <a href="https://infosec.space/tags/Exploits" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Exploits</span></a> stockpiled than any hacking forum (cuz <a href="https://infosec.space/tags/NOBUS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NOBUS</span></a> <a href="https://en.wikipedia.org/wiki/NOBUS" rel="nofollow noopener noreferrer" target="_blank">doctrine</a>), you gotta have to upgrade.</li></ul><p>Given the cheapness of storage (legitimate 1TB microSD cards exist and they ain't 4-digit items!) I'd legitimately look into <a href="https://infosec.space/tags/OTP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OTP</span></a> <a href="https://infosec.space/tags/encryption" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>encryption</span></a> and (<em>IF I had the €€€€€€ to do so!</em>) would even sponsor implementing it in <a href="https://infosec.space/tags/OpenVPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenVPN</span></a>, <a href="https://infosec.space/tags/WireGuard" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WireGuard</span></a> and <a href="https://infosec.space/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> (for <a href="https://infosec.space/tags/SSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SSH</span></a>-Tunmeling).</p><ul><li>The <a href="https://infosec.space/tags/US" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>US</span></a> is a <a href="https://infosec.space/tags/RogueNation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>RogueNation</span></a> with a Rogue Government! The sooner we accept this reality the sooner we can not only adjust to it but act accordingly…</li></ul><p>I <em>sincerely wish</em> y'all could legitimately call me a tinfoilhat but so far I've been proven right all the time...</p>
Tomáš<p><a href="https://merveilles.town/tags/unix_surrealism" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>unix_surrealism</span></a> <a href="https://merveilles.town/tags/openbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openbsd</span></a> <a href="https://merveilles.town/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a> <a href="https://merveilles.town/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://merveilles.town/tags/comic" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>comic</span></a> <a href="https://merveilles.town/tags/runbsd" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>runbsd</span></a> <a href="https://merveilles.town/tags/fish" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>fish</span></a> <a href="https://merveilles.town/tags/puffy" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>puffy</span></a></p>
JP Mens<p>A few words on SSH public keys read from AuthorizedKeysFile(s) and obtained programmatically from OpenSSH's AuthorizedKeysCommand program.</p><p><a href="https://jpmens.net/2025/03/25/authorizedkeyscommand-in-sshd/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">jpmens.net/2025/03/25/authoriz</span><span class="invisible">edkeyscommand-in-sshd/</span></a></p><p><a href="https://mastodon.social/tags/ssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ssh</span></a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a></p>
Garrett Wollman<p>Suppose you have `AllowUsers foo` set in sshd_config. Normally, this will result in logs like:</p><p>[date] [host] sshd-session[pid]: Invalid user ubuntu from 195.178.110.18 port 44128</p><p>But sometimes, you see this instead:</p><p>[date] [host] sshd-session[pid]: error: PAM: Authentication error for illegal user centos from 82.193.122.91</p><p>What are the circumstances in which the attacker is able to get through sshd to interact with the PAM stack despite having given a non-permitted login? <a href="https://mastodon.social/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://mastodon.social/tags/openssh" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openssh</span></a></p>
Scripter :verified_flashing:<p>Sicherheitsupdate OpenSSH: Angreifer können sich in Verbindungen einklinken | heise online<br><a href="https://heise.de/-10287547" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">heise.de/-10287547</span><span class="invisible"></span></a> <a href="https://social.tchncs.de/tags/Datei%C3%BCbertragungssoftware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Dateiübertragungssoftware</span></a> <a href="https://social.tchncs.de/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> <a href="https://social.tchncs.de/tags/Sicherheitsl%C3%BCcken" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Sicherheitslücken</span></a> <a href="https://social.tchncs.de/tags/Update" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Update</span></a></p>
Jan Schaumann<p><a href="https://mstdn.social/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> has a MitM vulnerability when using `VerifyHostKeyDNS` (CVE-2025-26465).</p><p>The attack has the hostile server running the client out of memory, which then circumvents the hostkey verification *completely*.</p><p>The default for `VerifyHostKeyDNS` is `no`, but if you change that, until you can upgrade to 9.9p2, better keep it at `VerifyHostKeyDNS=no`.</p><p><a href="https://www.openwall.com/lists/oss-security/2025/02/18/1" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">openwall.com/lists/oss-securit</span><span class="invisible">y/2025/02/18/1</span></a></p>
Bryan Steele :flan_beard:<p><a href="https://bsd.network/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a> 9.9p2 -portable was released, fixing two security issues reported by Qualys Security.</p><p><a href="https://www.openssh.com/releasenotes.html#9.9p2" rel="nofollow noopener noreferrer" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">openssh.com/releasenotes.html#</span><span class="invisible">9.9p2</span></a></p><p>A binary syspatch is also available for <a href="https://bsd.network/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenBSD</span></a> 7.5/7.6.</p>
Kevin Karhan :verified:<p><span class="h-card" translate="no"><a href="https://jorts.horse/@kobilacroix" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>kobilacroix</span></a></span> also <a href="https://infosec.space/tags/OpenSource" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSource</span></a> is used as a means to identify espionage and manipulation attempts and enable quicjer fixing if security issues.</p><ul><li>And that works not only for <a href="https://infosec.space/tags/Tor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Tor</span></a>, but <a href="https://infosec.space/tags/OpenPGP" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenPGP</span></a>, <a href="https://infosec.space/tags/OpenSSL" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSL</span></a>, <a href="https://infosec.space/tags/OpenSSH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenSSH</span></a>, <a href="https://infosec.space/tags/OpenVPN" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenVPN</span></a>, <a href="https://infosec.space/tags/Linux" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Linux</span></a>, ...</li></ul><p>In fact, <a href="https://infosec.space/tags/OpenBSD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OpenBSD</span></a>'s security is based upon <a href="https://infosec.space/tags/openness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>openness</span></a>, <a href="https://infosec.space/tags/transparency" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>transparency</span></a> and <a href="https://infosec.space/tags/KISSprinciple" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>KISSprinciple</span></a>'d design.</p><ul><li>Not to mention <a href="https://infosec.space/tags/Monero" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Monero</span></a> is really frustrating the U.S. Govt. (espechally IRS) <em>because it is <a href="https://infosec.space/tags/FLOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FLOSS</span></a></em> and with basically <em>billions in value</em> locked in, every cryptographer of every major state and non-state actor is trying to exploit it.</li></ul><p>That's the strenght of <a href="https://infosec.space/tags/FOSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>FOSS</span></a>:</p><ul><li>With every commit and every line if cide beibg public, noone can get away with <a href="https://infosec.space/tags/Govware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Govware</span></a>-<a href="https://infosec.space/tags/Backdoors" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Backdoors</span></a> ob most stuff as they do constantly with <a href="https://infosec.space/tags/CCSS" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CCSS</span></a>!</li></ul><p>Cuz you can be shure everytime someone from NSA, CIA, GAFAMs, Huawei, etc. even commits a single line to <code>linux</code> or requests a merge there are countless people <em>literally waiting to find a reason to say no</em> and evidence it's a <a href="https://infosec.space/tags/backdoor" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>backdoor</span></a> of some kind.</p>
ExploreLive feeds
Mastodon is the best way to keep up with what's happening.
Follow anyone across the fediverse and see it all in chronological order. No algorithms, ads, or clickbait in sight.
Create accountLoginDrag & drop to upload