Agree with Chris and Iain: OpenSSH is reasonably well audited, along with its dependencies; it’s just the link with systemd that causes this issue. I haven’t used Xen for about ten years; does it use systemd?
If it does, can you remove the link to stop future attacks, so start it with an init script?

Kamal

On Sun, 14 Apr 2024 at 19:31, iain via BitFolk Users <users@mailman.bitfolk.com> wrote:
I don't want to be panicked by this. Yes, a backdoor was sneaked into SSH. But it was found and removed.

I'm pretty confident that a backdoor attempt will be made to something else in the future, but my guess is that SSH will not be the target: too many people will be watching. 

It might be useful to be able to block SSH access from certain regions (for example, China, Russia and MAGAland*) but to replace a simple, reliable system like SSH with a complex and therefore insecure web-page-based kludge feels like a leap in the wrong direction.

It ain't broke: please don't fix it.

*It isn't very likely, but it is possible that the USA will end up with either Trump as president, or in a modern civil war, some of which will be fought on the web.

On 14 Apr 2024 at 01:33, Andy Smith via BitFolk Users <users@mailman.bitfolk.com> wrote:

Hi,

In light of the recent XZ/lzma backdoor we should perhaps think
harder about how complex sshd is and the wisdom of exposing that to
the entire Internet.

