CSOonline

OpenSSH fixes flaws that enable man-in-the-middle, DoS attacks

Researchers from Qualys found two vulnerabilities that can be combined to bypass the server key verification in OpenSSH clients when the VerifyHostKeyDNS is used, allowing man-in-the-middle attackers ...
CSOonline

OpenSSH vulnerability regreSSHion puts millions of servers at risk

Researchers have uncovered a serious remote code execution vulnerability in the Open Secure Shell (OpenSSH) server that could let unauthenticated attackers obtain a root shell on servers and take them ...
PC World

OpenSSH patches information leak that could expose private SSH keys

If you’re connecting to servers over the secure shell (SSH) protocol using an OpenSSH client, you should update it immediately. The latest version patches a flaw that could allow rogue or compromised ...
ZDNet

OpenSSH to deprecate SHA-1 logins due to security risk

OpenSSH, the most popular utility for connecting to and managing remote servers, has announced today plans to drop support for its SHA-1 authentication scheme. The OpenSSH team cited security concerns ...
heise online

SSH server Dropbear allows privilege escalation

A security vulnerability in the lean SSH server Dropbear allows attackers to escalate their privileges on the system. Updated software packages close the security gap. Dropbear is often used on single ...
ZDNet

5 tips for securing SSH on your Linux server or desktop

I've been using Secure Shell (SSH) for decades. With this remote login tool, I can rest assured my remote machines accept logins securely and efficiently. At the same time, I also understand nothing ...