Threat Post

Private SSH Key, Weak Default Credentials Removed From ExaGrid Appliances

ExaGrid has removed public-private pairings and weak, hardcoded default credentials from its disk-backup appliances. ExaGrid has removed a private SSH key and weak, hardcoded credentials shipping with ...
PC World

OpenSSH patches information leak that could expose private SSH keys

If you’re connecting to servers over the secure shell (SSH) protocol using an OpenSSH client, you should update it immediately. The latest version patches a flaw that could allow rogue or compromised ...
PC World

Millions of embedded devices use the same hard-coded SSH and TLS private keys

Thousands of routers, modems, IP cameras, VoIP phones and other embedded devices share the same hard-coded SSH (Secure Shell) host keys or HTTPS (HTTP Secure) server certificates, a study found. By ...
TechRepublic

How to use WinSCP with public key authentication

Public key authentication with SSH is possible with WinSCP, but it requires some work to set up. Chad Perrin details the steps. WinSCP is an open source tool for Windows that allows files to be safely ...
Bleeping Computer

Attackers Start Scans for SSH Keys After Report on Lack of SSH Security Controls

Crooks are mass-scanning online sites for directories containing SSH private keys so they can break into websites with any accidentally exposed credentials. SSH authentication can work via the classic ...
Network World

Millions of embedded devices use the same hard-coded SSH and TLS private keys

Thousands of routers, modems, IP cameras, VoIP phones and other embedded devices share the same hard-coded SSH (Secure Shell) host keys or HTTPS (HTTP Secure) server certificates, a study found. By ...