Language Selection

English French German Italian Portuguese Spanish

Login

Enter your Tux Machines username.
Enter the password that accompanies your username.

More in Tux Machines

Review: Martine OS 2.0 and Airyx 0.2.2

I did not spend a lot of time with Airyx, just a few days. Mostly this was due to the operating system not playing well with my wireless card, an issue most flavours of BSD run into. However, while my experience was brief, I will say that I see the appeal of Airyx (and by extension helloSystem). For people who like the macOS style desktop, this experience should make people feel at home. The unified application menu on the top panel, the icons, the utility and settings panels, and the overall theme all share a strong similarity with macOS. The system installer is quite simple and can be navigated with a few mouse clicks so the barrier to entry is relatively low, assuming your computer has at least 4GB of memory for the live media. The operating system, even running ZFS, is quite light in memory and includes some standard open source tools. There were two weak points I encountered. The first was hardware support, which is often a problem I run into with flavours of BSD. Wireless and suspend support in particular tend to be missing. The other issue was the lack of a fully functioning package manager. I'm not sure why pkg has been hobbled in Airyx, but the fact it still refreshes repository information and installs packages from FreeBSD suggests to me that the limitation is unnecessary. Read more

OpenSSH 8.8

  • [openssh-unix-announce] Announce: OpenSSH 8.8 released

    A near-future release of OpenSSH will switch scp(1) from using the legacy scp/rcp protocol to using SFTP by default.

    Legacy scp/rcp performs wildcard expansion of remote filenames (e.g. "scp host:* .") through the remote shell. This has the side effect of requiring double quoting of shell meta-characters in file names included on scp(1) command-lines, otherwise they could be interpreted as shell commands on the remote side.

    This creates one area of potential incompatibility: scp(1) when using the SFTP protocol no longer requires this finicky and brittle quoting, and attempts to use it may cause transfers to fail. We consider the removal of the need for double-quoting shell characters in file names to be a benefit and do not intend to introduce bug- compatibility for legacy scp/rcp in scp(1) when using the SFTP protocol.

    Another area of potential incompatibility relates to the use of remote paths relative to other user's home directories, for example - "scp host:~user/file /tmp". The SFTP protocol has no native way to expand a ~user path. However, sftp-server(8) in OpenSSH 8.7 and later support a protocol extension "expand-path at openssh.com" to support this.

  • OpenSSH 8.8

    sshd(8) from OpenSSH 6.2 through 8.7 failed to correctly initialise supplemental groups when executing an AuthorizedKeysCommand or AuthorizedPrincipalsCommand, where a AuthorizedKeysCommandUser or AuthorizedPrincipalsCommandUser directive has been set to run the command as a different user. Instead these commands would inherit the groups that sshd(8) was started with.

    Depending on system configuration, inherited groups may allow AuthorizedKeysCommand/AuthorizedPrincipalsCommand helper programs to gain unintended privilege.

    Neither AuthorizedKeysCommand nor AuthorizedPrincipalsCommand are enabled by default in sshd_config(5).

  • OpenSSH 8.8 release disabling rsa-sha digital signature support

    Published the release of OpenSSH 8.8, an open client and server implementation for the SSH 2.0 and SFTP protocols. The release is notable for disabling by default the ability to use digital signatures based on RSA keys with a SHA-1 hash (“ssh-rsa”). The end of support for “ssh-rsa” signatures is due to an increase in the effectiveness of collision attacks with a given prefix (the cost of collision guessing is estimated at about 50 thousand dollars). To test the use of ssh-rsa on your systems, you can try connecting via ssh with the “-oHostKeyAlgorithms = -ssh-rsa” option. Support for RSA signatures with SHA-256 and SHA-512 (rsa-sha2-256 / 512) hashes, which are supported since OpenSSH 7.2, is unchanged.

Audiocasts/Shows/Videos: Security, Linux Action News, Ubuntu 21.10 Beta

  • Josh Bressers: Episode 290 – The security of the Matrix

    Josh and Kurt talk about the security of the Matrix movie series. There was a new Matrix trailer that made us want to discuss some of the security themes. We talk about how the movie is very focused on computing in the 90s. How Neo probably ran Linux and they used a real ssh exploit. How a lot of the plot is a bit silly. It’s a really fun episode.

  • Linux Action News 208

    Canonical gives Linux admins a lucky break, the details on Android's slow shift to an upstream Kernel, a breakthrough for Linux gaming, and our take on GNOME 41. Plus how AlmaLinux just rounded out their offering.

  • Brodie Robertson Channel Trailer 2021 - Invidious
  • Ubuntu 21.10 Beta Run Through - Invidious

    In this video, we are looking at Ubuntu 21.10 Beta. Enjoy!

  • Ubuntu 21.10 Beta

    Today we are looking at Ubuntu 21.10 Beta. It comes with Linux Kernel 5.13, Gnome 40, and uses about 1.1GB of ram when idling. Enjoy!

Stable Kernels: 5.14.8, 5.10.69, 5.4.149, 4.19.208, 4.14.248, 4.9.284, and 4.4.285

    I'm announcing the release of the 5.14.8 kernel. All users of the 5.14 kernel series must upgrade. The updated 5.14.y git tree can be found at: git://git.kernel.org/pub/scm/linux/kernel/git/stable/linux-stable.git linux-5.14.y and can be browsed at the normal kernel.org git web browser: https://git.kernel.org/?p=linux/kernel/git/stable/linux-s... thanks, greg k-h
Read more Also: Linux 5.10.69 Linux 5.4.149 Linux 4.19.208 Linux 4.14.248 Linux 4.9.284 Linux 4.4.285