SSH : une faille critique dans Erlang/OTP, facile à exploiter, a été patchée ! https://www.it-connect.fr/ssh-une-faille-critique-dans-erlang-otp-facile-a-exploiter-a-ete-patchee/ #ActuCybersécurité #Cybersécurité #Vulnérabilité #SSH
Disable password logins on the SERVER in favour of using SSH keys for authentication. Create the necessary SSH keys on a NetBSD CLIENT that will be used to secure access to remote devices:
Neat, OpenSSH client adds variable expansion in "User".
This will allow for much simpler PAM (the privileged access management one) related configuration - for example, expanding user into user%original_hostname etc.
https://github.com/openssh/openssh-portable/commit/bd30cf784d6e825ef71592fb723c41d4f2fd407b
we talk about ssh with @jtk and bam there is this
https://vulnerability.circl.lu/vuln/CVE-2025-32433#sightings
“SSH server (Erlang) may allow an attacker to perform unauthenticated remote code execution (RCE).”
We should be careful when we talk.
Flight: #TOM840
ICAO code: #40769A
Registration: G-TUMG
Type: BOEING 737 MAX 8
Operator: Tui Airways Limited
Direction: 94° (East)
Speed: 287.8 kmh
Altitude: 9550 ft
Category: Large
Route:
Previously seen: 126 times
Track:
https://globe.adsb.fi/?icao=40769a
Photo by: Chris Pitchacaren
Link: https://hooks.geekyco.de/ps/40769a
Flight: #EZY91LT
Registration: G-UZLK
ICAO code: #407959
Callsign: #EASY
Operator: Easyjet Uk
Type: AIRBUS A320-251N
Country: 
From: #SSH to #MAN
Speed: 855 kmh
Altitude: 10980 m
Distance: 3.7 km
Angle ∆: 71.4°
Direction ->: WNW
Track:
https://tinyurl.com/26zu5s8x
History:
https://www.radarbox.com/data/mode-s/407959
https://www.flightradar24.com/data/aircraft/G-UZLK
Photos:
https://jetphotos.com/photo/keyword/G-UZLK
Seen: 50x
Call for volunteer data:
Looking for real sets of hash-protected ssh ~/.ssh/known_hosts files/records, to tune cracking attack stacks on. The bigger the better.
Requirements: the cipher type and the fingerprint are not needed -- just need the hash and salt (first couple of base64 fields).
Individual cracks won't be published. If you want your own cracks, strong proof of ownership required. DM me!
Flight: #EZY18UP
ICAO code: #4078EF
Registration: G-UZMI
Type: AIRBUS A-321neo
Operator: easyJet Uk
Direction: 72° (East-Northeast)
Speed: 345.7 kmh
Altitude: 11275 ft
Category: Large
Route:
Previously seen: 256 times
Track:
https://globe.adsb.fi/?icao=4078ef
Photo by: Finnographie
Link: https://hooks.geekyco.de/ps/4078ef
Flight: #TOM226
ICAO code: #407FAF
Registration: G-TUMY
Type: BOEING 737 MAX 8
Operator: Tui Airways Limited
Direction: 93° (East)
Speed: 447.8 kmh
Altitude: 35000 ft
Category: Large
Route:
Previously seen: 55 times
Track:
https://globe.adsb.fi/?icao=407faf
Photo by: Frederick Tremblay
Link: https://hooks.geekyco.de/ps/407faf
Flight: #TOM652
ICAO code: #4066D0
Registration: G-TAWI
Type: BOEING 737-800
Operator: Tui Airways Limited
Direction: 94° (East)
Speed: 334.1 kmh
Altitude: 15400 ft
Category: Large
Route:
Previously seen: 105 times
Track:
https://globe.adsb.fi/?icao=4066d0
Photo by: Philipp Greiml
Link: https://hooks.geekyco.de/ps/4066d0
Flight: #EFW9PF
ICAO code: #406B5A
Registration: G-GATK
Type: AIRBUS A-320
Operator: BA Euroflyer
Direction: 87° (East)
Speed: 361.3 kmh
Altitude: 11600 ft
Category: Large
Route:
Previously seen: 161 times
Track:
https://globe.adsb.fi/?icao=406b5a
Photo by: Kris Van Craenenbroeck
Link: https://hooks.geekyco.de/ps/406b5a
Flight: #EZY21EZ
ICAO code: #4072C7
Registration: G-UZHA
Type: AIRBUS A-320neo
Operator: easyJet Uk
Direction: 273° (West)
Speed: 290.5 kmh
Altitude: 9600 ft
Category: Large
Route:
Previously seen: 175 times
Track:
https://globe.adsb.fi/?icao=4072c7
Photo by: John Robert Murdoch
Link: https://hooks.geekyco.de/ps/4072c7
Flight: #EZY18UP
ICAO code: #406D92
Registration: G-EZOM
Type: AIRBUS A-320
Operator: easyJet Uk
Direction: 89° (East)
Speed: 300.0 kmh
Altitude: 10450 ft
Category: Large
Route:
Previously seen: 201 times
Track:
https://globe.adsb.fi/?icao=406d92
Photo by: Karl Dittlbacher
Link: https://hooks.geekyco.de/ps/406d92
Flight: #EZY92FQ
ICAO code: #406CD2
Registration: G-EZOF
Type: AIRBUS A-320
Operator: easyJet Uk
Direction: 91° (East)
Speed: 435.1 kmh
Altitude: 30275 ft
Category: Large
Route:
Previously seen: 199 times
Track:
https://globe.adsb.fi/?icao=406cd2
Photo by: Philipp Greiml
Link: https://hooks.geekyco.de/ps/406cd2
Flight: #EZY21EZ
ICAO code: #407D22
Registration: G-UZLO
Type: AIRBUS A-320neo
Operator: easyJet Uk
Direction: 272° (West)
Speed: 340.2 kmh
Altitude: 13875 ft
Category: Large
Route:
Previously seen: 86 times
Track:
https://globe.adsb.fi/?icao=407d22
Photo by: Bram Steeman
Link: https://hooks.geekyco.de/ps/407d22
PS: I also discovered you can modify the `lnav` behaviour by only showing new logs at the time of using the SSH command above:
```
#!/usr/bin/env bash
export TZ='Europe/Berlin';
NOW="$(date -Iseconds | sed -e 's/+.*$//')"
LOG_FILE="$(ls -t ~/pgdata/data/logs/*.log | head -n 1)"
if [ "$1" = "now" ]; then
lnav "$LOG_FILE" -c ":hide-lines-before $NOW"
else
lnav "$LOG_FILE"
fi
```
Flight: #EZY18UP
ICAO code: #407D22
Registration: G-UZLO
Type: AIRBUS A-320neo
Operator: easyJet Uk
Direction: 91° (East)
Speed: 391.2 kmh
Altitude: 11700 ft
Category: Large
Route:
Previously seen: 85 times
Track:
https://globe.adsb.fi/?icao=407d22
Photo by: Bram Steeman
Link: https://hooks.geekyco.de/ps/407d22
Flight: #TOM396
ICAO code: #4072A4
Registration: G-TAWV
Type: BOEING 737-800
Operator: Tui Airways Limited
Direction: 122° (East-Southeast)
Speed: 481.1 kmh
Altitude: 35000 ft
Category: Large
Route:
Previously seen: 83 times
Track:
https://globe.adsb.fi/?icao=4072a4
Photo by: Chris Pitchacaren
Link: https://hooks.geekyco.de/ps/4072a4
