BSD Now TV Episode 13: Bridging the Gap

A new BSD Now TV episode (Bridging the gap – episode 13) has been uploaded, featuring an interview with Jordan Hubbard, one of the founders of the FreeBSD project – and the one who invented ports!

Other topics discussed are:

  • Getting to know your portmgr
  • vBSDCon wrap-up compilation
  • Faces of FreeBSD
  • Dragonfly 3.6 released
  • Interview – Jordan Hubbard
  • News Roundup
  • pfSense 2.1 on AWS EC2
  • Puffy on the desktop
  • Two-factor authentication with SSH
  • PCBSD weekly digest
  • Feedback/Questions

rootbsd_banner1This post is sponsored by our partner RootBSD, an expert in BSD style web hosting : stable, secure, flexible and friendly.

FreeBSD Security Advisory: OpenSSH

FreeBSD Security AdvisortyThe FreeBSD Security Team has identified a memory corruption vulnerability in OpenSSH and has issued the following security advisory: FreeBSD-SA-13:14.openssh  (19/11/2013).

I. Background

OpenSSH is an implementation of the SSH protocol suite, providing an encrypted and authenticated transport for a variety of services, including remote shell access.

AES-GCM (Galois/Counter Mode) is a mode of operation for AES block cipher that combines the counter mode of encryption with the Galois mode of authentication which can offer throughput rates for state of the art, high speed communication channels.

OpenSSH supports the AES-GCM algorithm as specified in RFC 5647.

II. Problem Description

A memory corruption vulnerability exists in the post-authentication sshd process when an AES-GCM cipher (aes128-gcm@openssh.com or aes256-gcm@openssh.com) is selected during key exchange.

III. Impact

If exploited, this vulnerability might permit code execution with the privileges of the authenticated user, thereby allowing a malicious user with valid credentials to bypass shell or command restrictions placed on their account.

For a workaround and solution, check out the security advisory: FreeBSD-SA-13:14.openssh

FreeBSD Journal announced

The FreeBSD Foundation has announced that it will launch the FreeBSD Journal in January 2014. The Journal will be a bi-monthly publication and will be available on the web or as an Android/iPhone/Kindle app.

We are preparing the debut our new online magazine, the FreeBSD Journal. We created high-quality brochures to teach people about FreeBSD. We also visited companies to help facilitate collaboration efforts with the Project.

The first issue will be focusing on (the then released) FreeBSD 10, the ZFS file system, the ARM Beaglebone Black on FreeBSD, the Clang compiler, and many other interesting subjects

It’s great to see the FreeBSD Foundation funding a purely FreeBSD focused magazine, and I’m sure the high quality content will make more companies move over to this rock solid operating system.

freebsd_journal_promo

BSDNow Episode 12: Collecting SSHells

The BSDNow.tv team has uploaded recording no. 12. In it Amitai Schlair of the NetBSD foundation is interviewed about pkgsrc, NetBSD’s future plans and much more. After that, if you’ve ever wondered what all this SSH stuff is about, the tutorial has got you covered. The basics of SSH will be shown, as well as how to combine it with tmux for persistent sessions.

rootbsd_banner1This post is sponsored by our partner RootBSD, an expert in BSD style web hosting : stable, secure, flexible and friendly.

BSDNow TV Episode 011: The Gateway Drug (video)

bsd_now_logoThe BSDNow team, (Kris MooreAllan JudeTJ and Chris Fisher), have uploaded another weekly video onto bsdnow.tv.

The show is dedicated to spreading the word about the BSD family of operating systems, and keeping those who are already aware up to date with the latest news and developments.

Episode 011: The Gateway Drug - table of contents

  • OpenSSH 6.4 released
  • Getting to know your portmgr-lurkers
  • FUSE in OpenBSD
  • Automated submission of kernel panic reports
  • Interview – Justin Sherrill
  • Building an OpenBSD Router
  • BSD router project 1.5 released
  • Curve25519 now default key exchange
  • FreeBSD kernel selection in boot menu
  • PCBSD weekly digest
  • Theo de Raadt speaking at MUUG

BSDNow TV Episode 009: Year of the BSD Desktop (video)

The BSDNow team, (Kris MooreAllan JudeTJ and Chris Fisher), have uploaded another weekly video onto bsdnow.tv.

The show is dedicated to spreading the word about the BSD family of operating systems, and keeping those who are already aware up to date with the latest news and developments.

  • OpenBSD 5.4 released
  • FreeBSD pkgng repos are official
  • DragonflyBSD 3.6 branched
  • FreeBSD portmgr lurkers
  • Interview – Michael W. Lucas
  • Configuring FreeBSD as a desktop system (tutorial)
  • Capsicum in DragonflyBSD
  • NYCBSDCon 2014
  • FreeBSD newcons progress update
  • Weekly PCBSD feature digest

Episode 010: Year of the BSD Desktop - table of contents