Need an SSH client on Windows? Don’t use Putty or CygWin…use Git

Ok, maybe not…but its very likely that if you are reading this and find yourself needing to SSH here and there, you also use GIT. Well many are unaware that git for windows bundles several Linux familiar tools. Many might use these in the git bash shell.

Source: Need an SSH client on Windows? Don’t use Putty or CygWin…use Git — Hurry Up and Wait!

Introducing WinSCP

WinSCP is an open source free SFTP client, FTP client, WebDAV client and SCP client for Windows. Its main function is file transfer between a local and a remote computer. Beyond this, WinSCP offers scripting and basic file manager functionality.

via Introducing WinSCP :: WinSCP.

This is a very useful program to get files off a PC and onto a Linux server which supports these services out of the box.  I find Samba to be too clunky, unreliable, and very noisy on an open network by broadcasting packets to everyone.  Only now did I have a need for something like this and SCP solves my problem and is more secure and easier to use than standard ftp.   I still map drives using Samba on my closed network but I may try out the windows version of sshfs sometime in the future.   The user interface on this tool is very intuitive and works well.

Why aren’t we using SSH for everything?

A few weeks ago, I wrote ssh-chat.

The idea is simple: You open your terminal and type,

$ ssh

Unlike many others, you might stop yourself before typing “ls” and notice — that’s no shell, it’s a chat room!

via Why aren’t we using SSH for everything? — Medium.

I was just thinking about how useful and simple ssh is for doing end to end encryption for various services before being notified of this post.  On a linux box you can ssh -X remotehost and bring up any X-windowed app from a terminal command.  Very simple.  Very useful. Very secure.  For copying files there’s the scp command.  And one final shout out to the sshfs command for mounting remote filesystems.

HP D2D/StoreOnce Backdoor

HP’s D2D product line, which has recently been rebranded “StoreOnce”, is effectively an expensive software platform.

via HP D2D/StoreOnce Backdoor.

Open up your favourite SSH client, key in the IP of an HP D2D unit. Enter in yourself the username HPSupport, and the password which has a SHA1 of 78a7ecf065324604540ad3c41c3bb8fe1d084c50. Say hello to an administrative account you didn’t know existed.

Welcome to DenyHosts

DenyHosts is a script intended to be run by Linux system administrators to help thwart SSH server attacks (also known as dictionary based attacks and brute force attacks).

If you’ve ever looked at your ssh log (/var/log/secure on Redhat, /var/log/auth.log on Mandrake, etc…) you may be alarmed to see how many hackers attempted to gain access to your server. Hopefully, none of them were successful (but then again, how would you know?). Wouldn’t it be better to automatically prevent that attacker from continuing to gain entry into your system?

via Welcome to DenyHosts.

Not me.  If I let ssh into the network I only allow it for the IP address I’m going to be accessing the network from.  These brute force attacks are annoying.  This little app may prove useful.  Will look into this.

Secure shell (SSH) client for the Android platform

ConnectBot is a Secure Shell client for the Android platform. Its ultimate goal is to create a secure connection through which you can use a shell on a remote machine and transfer files back and forth to your phone.

via connectbot – Secure shell (SSH) client for the Android platform – Google Project Hosting.

Putty is also available for Android but it’s nice there are two options for doing this.

Splinternet Behind the Great Firewall of China

GFW is not perfect, however. Some Chinese technical professionals can bypass it with a variety of methods and/or tools. An arms race between censorship and circumvention has been going on for years, and GFW has caused collateral damage along the way.

via Splinternet Behind the Great Firewall of China – ACM Queue.

VPN (virtual private network) and SSH (secure shell) are the most powerful and stable tools for bypassing all surveillance technologies, although the basic ideas are the same as with the aforementioned tools: proxies and encrypted channels. The only difference is that VPN and SSH depend on a private host (or virtual host) or an account outside of China, instead of open, free proxies. Only technical professionals are able to set up such hosts or accounts, and most of them are not free. Commercial or public VPN services will be blocked by IP address and/or domain names if they are popular enough. In fact, the domain names *vpn.* are all blocked (such as,,,,,, intrusion announced November 17th 2012

The compromise is believed to have occurred due to the leak of an SSH key from a developer who legitimately had access to the machines in question, and was not due to any vulnerability or code exploit within FreeBSD.

via intrusion announced November 17th 2012.

We unfortunately cannot guarantee the integrity of any packages available for installation between 19th September 2012 and 11th November 2012, or of any ports compiled from trees obtained via any means other than through or one of its mirrors. Although we have no evidence to suggest any tampering took place and believe such interference is unlikely, we have to recommend you consider reinstalling any machine from scratch, using trusted sources.

using DD to image a disk over SSH

What I like to do is log into the remote server and run “watch -n 1 iptables –list -v -n” to watch the byte count to give you an idea of how much data has been passed already. of course you’ll have to start iptables first if it isnt running.

via using DD to image a disk over SSH |

This is pretty useful too.  I couldn’t do this using sshfs so googled and found that regular ssh works.  I do not like to image disks with disks running other than the one being imaged.  I find it too dangerous that a single mistype could wipe out a functioning disk.  Doing this over a nework seems much safer.  Here’s the command I used from the linked to article:

ssh “dd if=/dev/sda” | dd of=/dev/sda bs=1024k conv=notrunc,noerror

The destination host feeds the image.  The host that runs this command is a Knoppix live boot with the only HD running being the one being written to.  I suppose if I were to do this a lot then a dedicated image machine might prove useful with an HD to store the images and some OS and a burn HD in a hot swap slot.  The HD with OS and images would be expendible in that an accidental overwrite would be a mere inconvenience instead of actual loss of data.

Tatu Ylonen, father of SSH, says security is ‘getting worse’

I think it’s getting worse. Consumer privacy is disappearing totally. And SSL [Secure Sockets Layer] is being questioned and the problem isn’t the protocol itself but the key infrastructure. There have been several incidents where someone has stolen from the certificate authorities.