Issue 187
Published May 29, 2024

SSH Agent security, FreeBSD events and more.

Releases

No releases.

BSDSec

No security announcements.

As always, it’s worth following BSDSec. RSS feed and Twitter account available.

News

The Valuable News: The Valuable News weekly series is dedicated to provide summary about news, articles and other interesting stuff mostly but not always related to the UNIX/BSD/Linux systems.

HardenedBSD status report.: May status reports about new changes and developments.

BSD Now 560: FreeBSD Status Report First Quarter 2024, Why not BSD, LibreSSL version 3.9.2 released, Running NetBSD on OmniOS using bhyve, X.Org on NetBSD, Unix version control lore: what, ident, How I search in 2024, sshd split into multiple binaries, and more.

Why FreeBSD Events are Important to Furthering the Development of FreeBSD: People of all ages and levels of experience come together at these conferences to share their knowledge and to support each other. It’s inspiring to see long-time contributors eagerly helping newer members and embracing fresh ideas. The exchange of perspectives between seasoned and young attendees creates an open and collaborative atmosphere that benefits everyone involved.

Important message for Apple Silicon OpenBSD/arm64 users: The system firmware that comes with macOS Sonoma 14.5 triggers a bug in the m1n1 bootloader that is used to boot OpenBSD on these machines. The bug will prevent OpenBSD from booting on some machines after the macOS update has been installed.

Tutorials

Improve your SSH agent security: If you are using SSH quite often, it is likely you use an SSH agent which stores your private key in memory so you do not have to type your password every time. This method is convenient, but it comes at the expense of your SSH key use security, anyone able to use your session while the agent holds the key unlocked can use your SSH key. This scenario is most likely to happen when using a compromised build script. However, it is possible to harden this process at a small expense of convenience, make your SSH agent ask for confirmation every time the key has to be used.

Did we miss anything?

This newsletter is made from your content on DiscoverBSD and BSDSec. Submit the stuff we missed so it can appear next time.

Do you have an OSS BSD-related project that you would like to showcase in BSD Weekly? Reply to sender and we can showcase you as a sponsor of an issue (for free).

Do you know anyone who would like this newsletter? Consider forwarding and tell them to subscribe.

Thanks for reading and see you next week! Stay safe!

Become a Sponsor! Become a Patron!

We won't spam you. Unsubscribe any time.