Subtitle: Qualys finds two worrying bugs in OpenSSH
When I checked my personal rigs Debian had already released the patches and my home server had already auto updated itself.
You must log in or # to comment.
The single biggest attack vector for SSH is IPv4. Disable it and 99% of issues go away.
If my isp would support ipv6, that would be great!
Hot take: Might be wise to adopt the security by obscurity model and go with an OS that is hardened (ideally, a formally verified microkernel like sel4) or runs in a custom VM/container with almost zero attack surface area.
