Computerworld

Core Infrastructure Initiative to delve into security of OpenSSL, OpenSSH, Network Time Protocol

The Linux Foundation today announced the first protocols that it wants to address as part of its open-source code testing and security review. Not surprisingly, OpenSSL, where the infamous Heartbleed ...
ZDNet

OpenSSH to deprecate SHA-1 logins due to security risk

OpenSSH, the most popular utility for connecting to and managing remote servers, has announced today plans to drop support for its SHA-1 authentication scheme. The OpenSSH team cited security concerns ...
Linux Journal

Mastering OpenSSH for Remote Access on Debian Like a Pro

Remote access is a cornerstone of modern IT infrastructure, enabling administrators and users to manage systems, applications, and data from virtually anywhere. However, with great power comes great ...
ZDNet

With the Quickness: HD Moore sets new land speed record with exploitation of Debian/Ubuntu OpenSSL flaw

So, for those who haven't heard, a Debian packager modified the source used for OpenSSL on Debian based systems (Debian and the whole of the Ubuntu family) to remove the seed used for PRNG (Pseudo ...
Ars Technica

OpenSSL to get a security audit and two full-time developers

A Linux Foundation project inspired by the Heartbleed security flaw announced that it will fund a security audit for the OpenSSL code base and the salaries of two full-time developers. The Heartbleed ...
Ars Technica

Fixing another problem with OpenSSH

The symptoms of this problem = timing out when you try to ssh into yoru computer after the getuid and geteuid sequence.<P>Based on Soctt Anguish's building OpenSSH ...