Nixpkgs Security Tracker

Login with GitHub

Suggestions search

All statuses
Filter by:
With package: libssh

Found 10 matching suggestions

Untriaged
Permalink CVE-2025-48041
created 4 months, 3 weeks ago
SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.

Affected products

ssh
  • *
  • <pkg:otp/ssh@*

Matching in nixpkgs

pkgs.assh

Advanced SSH config - Regex, aliases, gateways, includes and dynamic hosts

  • nixos-unstable -

pkgs.pssh

Parallel SSH Tools

  • nixos-unstable -

pkgs.sshs

Terminal user interface for SSH

  • nixos-unstable -

pkgs.sshx

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.zssh

SSH and Telnet client with ZMODEM file transfer capability

  • nixos-unstable -

pkgs.passh

Sshpass alternative for non-interactive ssh auth

pkgs.sshed

ssh config editor and bookmarks manager

  • nixos-unstable -

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.opkssh

Enables SSH to be used with OpenID Connect

  • nixos-unstable -

pkgs.smassh

TUI based typing test application inspired by MonkeyType

  • nixos-unstable -

pkgs.tarssh

Simple SSH tarpit inspired by endlessh

  • nixos-unstable -

pkgs.webssh

Web based SSH client

  • nixos-unstable -

pkgs.autossh

Automatically restart SSH sessions and tunnels

  • nixos-unstable -

pkgs.lazyssh

Terminal-based SSH manager

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.sshoogr

A Groovy-based DSL for working with remote SSH servers

  • nixos-unstable -

pkgs.sshpass

Non-interactive ssh password auth

  • nixos-unstable -

pkgs.sshping

Measure character-echo latency and bandwidth for an interactive ssh session

  • nixos-unstable -

pkgs.baboossh

Tool to do SSH spreading

  • nixos-unstable -

pkgs.endlessh

SSH tarpit that slowly sends an endless banner

  • nixos-unstable -

pkgs.fast-ssh

TUI tool to use the SSH config for connections

  • nixos-unstable -

pkgs.hyperssh

Run SSH over hyperswarm

  • nixos-unstable -

pkgs.pam_rssh

PAM module for authenticating via ssh-agent, written in Rust

  • nixos-unstable -

pkgs.pfsshell

PFS (PlayStation File System) shell for POSIX-based systems

  • nixos-unstable -

pkgs.ssh-mitm

Tool for SSH security audits

  • nixos-unstable -

pkgs.sshesame

Easy to set up and use SSH honeypot

  • nixos-unstable -

pkgs.sshguard

Protects hosts from brute-force attacks

  • nixos-unstable -

pkgs.sshified

Proxy HTTP requests through SSH

  • nixos-unstable -

pkgs.sshlatex

Collection of hacks to efficiently run LaTeX via ssh

  • nixos-unstable -

pkgs.sshocker

Tool for SSH, reverse sshfs and port forwarder

  • nixos-unstable -

pkgs.sshuttle

Transparent proxy server that works as a poor man's VPN

  • nixos-unstable -

pkgs.guile-ssh

Bindings to Libssh for GNU Guile

  • nixos-unstable -

pkgs.ssh-audit

Tool for ssh server auditing

  • nixos-unstable -

pkgs.ssh-ident

Start and use ssh-agent and load identities as necessary

pkgs.ssh-tools

Making SSH more convenient

  • nixos-unstable -

pkgs.sshportal

Simple, fun and transparent SSH (and telnet) bastion server

  • nixos-unstable -

pkgs.tmux-cssh

SSH to multiple hosts at the same time using tmux

pkgs.trzsz-ssh

SSH client designed as a drop-in replacement for the openssh client

  • nixos-unstable -

pkgs.usbip-ssh

Import usb devices from another linux machine with ssh's connection forwarding mechanism

pkgs.ssh-agents

Spawn and maintain multiple ssh-agents across terminals

  • nixos-unstable -

pkgs.ssh-to-age

Convert ssh private keys in ed25519 format to age keys

  • nixos-unstable -

pkgs.ssh-to-pgp

Convert ssh private keys to PGP

  • nixos-unstable -

pkgs.sshchecker

Dedicated SSH brute-forcing tool

  • nixos-unstable -

pkgs.sshfs-fuse

FUSE-based filesystem that allows remote filesystems to be mounted over SSH

  • nixos-unstable -

pkgs.endlessh-go

Implementation of endlessh exporting Prometheus metrics

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.ssh-copy-id

Tool to copy SSH public keys to a remote machine

  • nixos-unstable -

pkgs.sshx-server

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.ssh-import-id

Retrieves an SSH public key and installs it locally

  • nixos-unstable -

pkgs.ssh-tpm-agent

SSH agent with support for TPM sealed keys for public key authentication

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

pkgs.tkey-ssh-agent

SSH Agent for TKey, the flexible open hardware/software USB security key

  • nixos-unstable -

pkgs.vault-ssh-plus

Automatically use HashiCorp Vault SSH Client Key Signing with ssh(1)

  • nixos-unstable -

pkgs.x11_ssh_askpass

Lightweight passphrase dialog for OpenSSH or other open variants of SSH

pkgs.ssh-openpgp-auth

Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts

  • nixos-unstable -

pkgs.ssh-key-confirmer

Test ssh login key acceptance without having the private key

  • nixos-unstable -

pkgs.sshd-openpgp-auth

Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys

  • nixos-unstable -

pkgs.gnomeExtensions.guake-ssh

Systray menu to connect to SSH hosts configured in ~/.ssh/config or any files in ~/.ssh/config.d/ using Guake.

  • nixos-unstable -
    • nixpkgs-unstable 5

pkgs.gnomeExtensions.ssh-profile-list

SSH Profile List is a GNOME extension that allows you to show SSH connections from .ssh/config file directly from the GNOME panel systray. This extension is fork of https://github.com/pramalho/guake-ssh-extension that modified to run on any terminal.

  • nixos-unstable -
    • nixpkgs-unstable 1

Package maintainers

Untriaged
Permalink CVE-2025-48040
created 4 months, 3 weeks ago
Malicious Key Exchange Messages may Lead to Excessive Resource Consumption

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.

Affected products

ssh
  • *
  • <pkg:otp/ssh@*

Matching in nixpkgs

pkgs.assh

Advanced SSH config - Regex, aliases, gateways, includes and dynamic hosts

  • nixos-unstable -

pkgs.pssh

Parallel SSH Tools

  • nixos-unstable -

pkgs.sshs

Terminal user interface for SSH

  • nixos-unstable -

pkgs.sshx

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.zssh

SSH and Telnet client with ZMODEM file transfer capability

  • nixos-unstable -

pkgs.passh

Sshpass alternative for non-interactive ssh auth

pkgs.sshed

ssh config editor and bookmarks manager

  • nixos-unstable -

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.opkssh

Enables SSH to be used with OpenID Connect

  • nixos-unstable -

pkgs.smassh

TUI based typing test application inspired by MonkeyType

  • nixos-unstable -

pkgs.tarssh

Simple SSH tarpit inspired by endlessh

  • nixos-unstable -

pkgs.webssh

Web based SSH client

  • nixos-unstable -

pkgs.autossh

Automatically restart SSH sessions and tunnels

  • nixos-unstable -

pkgs.lazyssh

Terminal-based SSH manager

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.sshoogr

A Groovy-based DSL for working with remote SSH servers

  • nixos-unstable -

pkgs.sshpass

Non-interactive ssh password auth

  • nixos-unstable -

pkgs.sshping

Measure character-echo latency and bandwidth for an interactive ssh session

  • nixos-unstable -

pkgs.baboossh

Tool to do SSH spreading

  • nixos-unstable -

pkgs.endlessh

SSH tarpit that slowly sends an endless banner

  • nixos-unstable -

pkgs.fast-ssh

TUI tool to use the SSH config for connections

  • nixos-unstable -

pkgs.hyperssh

Run SSH over hyperswarm

  • nixos-unstable -

pkgs.pam_rssh

PAM module for authenticating via ssh-agent, written in Rust

  • nixos-unstable -

pkgs.pfsshell

PFS (PlayStation File System) shell for POSIX-based systems

  • nixos-unstable -

pkgs.ssh-mitm

Tool for SSH security audits

  • nixos-unstable -

pkgs.sshesame

Easy to set up and use SSH honeypot

  • nixos-unstable -

pkgs.sshguard

Protects hosts from brute-force attacks

  • nixos-unstable -

pkgs.sshified

Proxy HTTP requests through SSH

  • nixos-unstable -

pkgs.sshlatex

Collection of hacks to efficiently run LaTeX via ssh

  • nixos-unstable -

pkgs.sshocker

Tool for SSH, reverse sshfs and port forwarder

  • nixos-unstable -

pkgs.sshuttle

Transparent proxy server that works as a poor man's VPN

  • nixos-unstable -

pkgs.guile-ssh

Bindings to Libssh for GNU Guile

  • nixos-unstable -

pkgs.ssh-audit

Tool for ssh server auditing

  • nixos-unstable -

pkgs.ssh-ident

Start and use ssh-agent and load identities as necessary

pkgs.ssh-tools

Making SSH more convenient

  • nixos-unstable -

pkgs.sshportal

Simple, fun and transparent SSH (and telnet) bastion server

  • nixos-unstable -

pkgs.tmux-cssh

SSH to multiple hosts at the same time using tmux

pkgs.trzsz-ssh

SSH client designed as a drop-in replacement for the openssh client

  • nixos-unstable -

pkgs.usbip-ssh

Import usb devices from another linux machine with ssh's connection forwarding mechanism

pkgs.ssh-agents

Spawn and maintain multiple ssh-agents across terminals

  • nixos-unstable -

pkgs.ssh-to-age

Convert ssh private keys in ed25519 format to age keys

  • nixos-unstable -

pkgs.ssh-to-pgp

Convert ssh private keys to PGP

  • nixos-unstable -

pkgs.sshchecker

Dedicated SSH brute-forcing tool

  • nixos-unstable -

pkgs.sshfs-fuse

FUSE-based filesystem that allows remote filesystems to be mounted over SSH

  • nixos-unstable -

pkgs.endlessh-go

Implementation of endlessh exporting Prometheus metrics

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.ssh-copy-id

Tool to copy SSH public keys to a remote machine

  • nixos-unstable -

pkgs.sshx-server

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.ssh-import-id

Retrieves an SSH public key and installs it locally

  • nixos-unstable -

pkgs.ssh-tpm-agent

SSH agent with support for TPM sealed keys for public key authentication

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

pkgs.tkey-ssh-agent

SSH Agent for TKey, the flexible open hardware/software USB security key

  • nixos-unstable -

pkgs.vault-ssh-plus

Automatically use HashiCorp Vault SSH Client Key Signing with ssh(1)

  • nixos-unstable -

pkgs.x11_ssh_askpass

Lightweight passphrase dialog for OpenSSH or other open variants of SSH

pkgs.ssh-openpgp-auth

Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts

  • nixos-unstable -

pkgs.ssh-key-confirmer

Test ssh login key acceptance without having the private key

  • nixos-unstable -

pkgs.sshd-openpgp-auth

Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys

  • nixos-unstable -

pkgs.gnomeExtensions.guake-ssh

Systray menu to connect to SSH hosts configured in ~/.ssh/config or any files in ~/.ssh/config.d/ using Guake.

  • nixos-unstable -
    • nixpkgs-unstable 5

pkgs.gnomeExtensions.ssh-profile-list

SSH Profile List is a GNOME extension that allows you to show SSH connections from .ssh/config file directly from the GNOME panel systray. This extension is fork of https://github.com/pramalho/guake-ssh-extension that modified to run on any terminal.

  • nixos-unstable -
    • nixpkgs-unstable 1

Package maintainers

Untriaged
Permalink CVE-2025-48038
created 4 months, 3 weeks ago
Unverified File Handles can Cause Excessive Use of System Resources

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.

Affected products

ssh
  • *
  • <pkg:otp/ssh@*

Matching in nixpkgs

pkgs.assh

Advanced SSH config - Regex, aliases, gateways, includes and dynamic hosts

  • nixos-unstable -

pkgs.pssh

Parallel SSH Tools

  • nixos-unstable -

pkgs.sshs

Terminal user interface for SSH

  • nixos-unstable -

pkgs.sshx

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.zssh

SSH and Telnet client with ZMODEM file transfer capability

  • nixos-unstable -

pkgs.passh

Sshpass alternative for non-interactive ssh auth

pkgs.sshed

ssh config editor and bookmarks manager

  • nixos-unstable -

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.opkssh

Enables SSH to be used with OpenID Connect

  • nixos-unstable -

pkgs.smassh

TUI based typing test application inspired by MonkeyType

  • nixos-unstable -

pkgs.tarssh

Simple SSH tarpit inspired by endlessh

  • nixos-unstable -

pkgs.webssh

Web based SSH client

  • nixos-unstable -

pkgs.autossh

Automatically restart SSH sessions and tunnels

  • nixos-unstable -

pkgs.lazyssh

Terminal-based SSH manager

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.sshoogr

A Groovy-based DSL for working with remote SSH servers

  • nixos-unstable -

pkgs.sshpass

Non-interactive ssh password auth

  • nixos-unstable -

pkgs.sshping

Measure character-echo latency and bandwidth for an interactive ssh session

  • nixos-unstable -

pkgs.baboossh

Tool to do SSH spreading

  • nixos-unstable -

pkgs.endlessh

SSH tarpit that slowly sends an endless banner

  • nixos-unstable -

pkgs.fast-ssh

TUI tool to use the SSH config for connections

  • nixos-unstable -

pkgs.hyperssh

Run SSH over hyperswarm

  • nixos-unstable -

pkgs.pam_rssh

PAM module for authenticating via ssh-agent, written in Rust

  • nixos-unstable -

pkgs.pfsshell

PFS (PlayStation File System) shell for POSIX-based systems

  • nixos-unstable -

pkgs.ssh-mitm

Tool for SSH security audits

  • nixos-unstable -

pkgs.sshesame

Easy to set up and use SSH honeypot

  • nixos-unstable -

pkgs.sshguard

Protects hosts from brute-force attacks

  • nixos-unstable -

pkgs.sshified

Proxy HTTP requests through SSH

  • nixos-unstable -

pkgs.sshlatex

Collection of hacks to efficiently run LaTeX via ssh

  • nixos-unstable -

pkgs.sshocker

Tool for SSH, reverse sshfs and port forwarder

  • nixos-unstable -

pkgs.sshuttle

Transparent proxy server that works as a poor man's VPN

  • nixos-unstable -

pkgs.guile-ssh

Bindings to Libssh for GNU Guile

  • nixos-unstable -

pkgs.ssh-audit

Tool for ssh server auditing

  • nixos-unstable -

pkgs.ssh-ident

Start and use ssh-agent and load identities as necessary

pkgs.ssh-tools

Making SSH more convenient

  • nixos-unstable -

pkgs.sshportal

Simple, fun and transparent SSH (and telnet) bastion server

  • nixos-unstable -

pkgs.tmux-cssh

SSH to multiple hosts at the same time using tmux

pkgs.trzsz-ssh

SSH client designed as a drop-in replacement for the openssh client

  • nixos-unstable -

pkgs.usbip-ssh

Import usb devices from another linux machine with ssh's connection forwarding mechanism

pkgs.ssh-agents

Spawn and maintain multiple ssh-agents across terminals

  • nixos-unstable -

pkgs.ssh-to-age

Convert ssh private keys in ed25519 format to age keys

  • nixos-unstable -

pkgs.ssh-to-pgp

Convert ssh private keys to PGP

  • nixos-unstable -

pkgs.sshchecker

Dedicated SSH brute-forcing tool

  • nixos-unstable -

pkgs.sshfs-fuse

FUSE-based filesystem that allows remote filesystems to be mounted over SSH

  • nixos-unstable -

pkgs.endlessh-go

Implementation of endlessh exporting Prometheus metrics

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.ssh-copy-id

Tool to copy SSH public keys to a remote machine

  • nixos-unstable -

pkgs.sshx-server

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.ssh-import-id

Retrieves an SSH public key and installs it locally

  • nixos-unstable -

pkgs.ssh-tpm-agent

SSH agent with support for TPM sealed keys for public key authentication

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

pkgs.tkey-ssh-agent

SSH Agent for TKey, the flexible open hardware/software USB security key

  • nixos-unstable -

pkgs.vault-ssh-plus

Automatically use HashiCorp Vault SSH Client Key Signing with ssh(1)

  • nixos-unstable -

pkgs.x11_ssh_askpass

Lightweight passphrase dialog for OpenSSH or other open variants of SSH

pkgs.ssh-openpgp-auth

Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts

  • nixos-unstable -

pkgs.ssh-key-confirmer

Test ssh login key acceptance without having the private key

  • nixos-unstable -

pkgs.sshd-openpgp-auth

Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys

  • nixos-unstable -

pkgs.gnomeExtensions.guake-ssh

Systray menu to connect to SSH hosts configured in ~/.ssh/config or any files in ~/.ssh/config.d/ using Guake.

  • nixos-unstable -
    • nixpkgs-unstable 5

pkgs.gnomeExtensions.ssh-profile-list

SSH Profile List is a GNOME extension that allows you to show SSH connections from .ssh/config file directly from the GNOME panel systray. This extension is fork of https://github.com/pramalho/guake-ssh-extension that modified to run on any terminal.

  • nixos-unstable -
    • nixpkgs-unstable 1

Package maintainers

Untriaged
Permalink CVE-2025-48039
created 4 months, 3 weeks ago
Unverified Paths can Cause Excessive Use of System Resources

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.

Affected products

ssh
  • <pkg:otp/ssh@*
  • *

Matching in nixpkgs

pkgs.assh

Advanced SSH config - Regex, aliases, gateways, includes and dynamic hosts

  • nixos-unstable -

pkgs.pssh

Parallel SSH Tools

  • nixos-unstable -

pkgs.sshs

Terminal user interface for SSH

  • nixos-unstable -

pkgs.sshx

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.zssh

SSH and Telnet client with ZMODEM file transfer capability

  • nixos-unstable -

pkgs.passh

Sshpass alternative for non-interactive ssh auth

pkgs.sshed

ssh config editor and bookmarks manager

  • nixos-unstable -

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.opkssh

Enables SSH to be used with OpenID Connect

  • nixos-unstable -

pkgs.smassh

TUI based typing test application inspired by MonkeyType

  • nixos-unstable -

pkgs.tarssh

Simple SSH tarpit inspired by endlessh

  • nixos-unstable -

pkgs.webssh

Web based SSH client

  • nixos-unstable -

pkgs.autossh

Automatically restart SSH sessions and tunnels

  • nixos-unstable -

pkgs.lazyssh

Terminal-based SSH manager

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.sshoogr

A Groovy-based DSL for working with remote SSH servers

  • nixos-unstable -

pkgs.sshpass

Non-interactive ssh password auth

  • nixos-unstable -

pkgs.sshping

Measure character-echo latency and bandwidth for an interactive ssh session

  • nixos-unstable -

pkgs.baboossh

Tool to do SSH spreading

  • nixos-unstable -

pkgs.endlessh

SSH tarpit that slowly sends an endless banner

  • nixos-unstable -

pkgs.fast-ssh

TUI tool to use the SSH config for connections

  • nixos-unstable -

pkgs.hyperssh

Run SSH over hyperswarm

  • nixos-unstable -

pkgs.pam_rssh

PAM module for authenticating via ssh-agent, written in Rust

  • nixos-unstable -

pkgs.pfsshell

PFS (PlayStation File System) shell for POSIX-based systems

  • nixos-unstable -

pkgs.ssh-mitm

Tool for SSH security audits

  • nixos-unstable -

pkgs.sshesame

Easy to set up and use SSH honeypot

  • nixos-unstable -

pkgs.sshguard

Protects hosts from brute-force attacks

  • nixos-unstable -

pkgs.sshified

Proxy HTTP requests through SSH

  • nixos-unstable -

pkgs.sshlatex

Collection of hacks to efficiently run LaTeX via ssh

  • nixos-unstable -

pkgs.sshocker

Tool for SSH, reverse sshfs and port forwarder

  • nixos-unstable -

pkgs.sshuttle

Transparent proxy server that works as a poor man's VPN

  • nixos-unstable -

pkgs.guile-ssh

Bindings to Libssh for GNU Guile

  • nixos-unstable -

pkgs.ssh-audit

Tool for ssh server auditing

  • nixos-unstable -

pkgs.ssh-ident

Start and use ssh-agent and load identities as necessary

pkgs.ssh-tools

Making SSH more convenient

  • nixos-unstable -

pkgs.sshportal

Simple, fun and transparent SSH (and telnet) bastion server

  • nixos-unstable -

pkgs.tmux-cssh

SSH to multiple hosts at the same time using tmux

pkgs.trzsz-ssh

SSH client designed as a drop-in replacement for the openssh client

  • nixos-unstable -

pkgs.usbip-ssh

Import usb devices from another linux machine with ssh's connection forwarding mechanism

pkgs.ssh-agents

Spawn and maintain multiple ssh-agents across terminals

  • nixos-unstable -

pkgs.ssh-to-age

Convert ssh private keys in ed25519 format to age keys

  • nixos-unstable -

pkgs.ssh-to-pgp

Convert ssh private keys to PGP

  • nixos-unstable -

pkgs.sshchecker

Dedicated SSH brute-forcing tool

  • nixos-unstable -

pkgs.sshfs-fuse

FUSE-based filesystem that allows remote filesystems to be mounted over SSH

  • nixos-unstable -

pkgs.endlessh-go

Implementation of endlessh exporting Prometheus metrics

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.ssh-copy-id

Tool to copy SSH public keys to a remote machine

  • nixos-unstable -

pkgs.sshx-server

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.ssh-import-id

Retrieves an SSH public key and installs it locally

  • nixos-unstable -

pkgs.ssh-tpm-agent

SSH agent with support for TPM sealed keys for public key authentication

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

pkgs.tkey-ssh-agent

SSH Agent for TKey, the flexible open hardware/software USB security key

  • nixos-unstable -

pkgs.vault-ssh-plus

Automatically use HashiCorp Vault SSH Client Key Signing with ssh(1)

  • nixos-unstable -

pkgs.x11_ssh_askpass

Lightweight passphrase dialog for OpenSSH or other open variants of SSH

pkgs.ssh-openpgp-auth

Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts

  • nixos-unstable -

pkgs.ssh-key-confirmer

Test ssh login key acceptance without having the private key

  • nixos-unstable -

pkgs.sshd-openpgp-auth

Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys

  • nixos-unstable -

pkgs.gnomeExtensions.guake-ssh

Systray menu to connect to SSH hosts configured in ~/.ssh/config or any files in ~/.ssh/config.d/ using Guake.

  • nixos-unstable -
    • nixpkgs-unstable 5

pkgs.gnomeExtensions.ssh-profile-list

SSH Profile List is a GNOME extension that allows you to show SSH connections from .ssh/config file directly from the GNOME panel systray. This extension is fork of https://github.com/pramalho/guake-ssh-extension that modified to run on any terminal.

  • nixos-unstable -
    • nixpkgs-unstable 1

Package maintainers

Untriaged
Permalink CVE-2025-8277
created 4 months, 3 weeks ago
Libssh: memory exhaustion via repeated key exchange in libssh

A flaw was found in libssh's handling of key exchange (KEX) processes when a client repeatedly sends incorrect KEX guesses. The library fails to free memory during these rekey operations, which can gradually exhaust system memory. This issue can lead to crashes on the client side, particularly when using libgcrypt, which impacts application stability and availability.

Affected products

rhcos
libssh
  • <0.11.4
  • <0.11.3
libssh2

Matching in nixpkgs

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2025-4877
created 4 months, 3 weeks ago
Libssh: write beyond bounds in binary to base64 conversion functions

There's a vulnerability in the libssh package where when a libssh consumer passes in an unexpectedly large input buffer to ssh_get_fingerprint_hash() function. In such cases the bin_to_base64() function can experience an integer overflow leading to a memory under allocation, when that happens it's possible that the program perform out of bounds write leading to a heap corruption. This issue affects only 32-bits builds of libssh.

Affected products

rhcos
libssh
  • <0.11.2
libssh2

Matching in nixpkgs

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2025-5449
created 4 months, 3 weeks ago
Libssh: integer overflow in libssh sftp server packet length validation leading to denial of service

A flaw was found in the SFTP server message decoding logic of libssh. The issue occurs due to an incorrect packet length check that allows an integer overflow when handling large payload sizes on 32-bit systems. This issue leads to failed memory allocation and causes the server process to crash, resulting in a denial of service.

Affected products

rhcos
libssh
  • =<0.11.1
libssh2

Matching in nixpkgs

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2025-8114
created 4 months, 3 weeks ago
: null pointer dereference in libssh kex session id calculation

A flaw was found in libssh, a library that implements the SSH protocol. When calculating the session ID during the key exchange (KEX) process, an allocation failure in cryptographic functions may lead to a NULL pointer dereference. This issue can cause the client or server to crash.

Affected products

rhcos
libssh
  • <0.11.3
libssh2

Matching in nixpkgs

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2025-4878
created 4 months, 3 weeks ago
Libssh: use of uninitialized variable in privatekey_from_file()

A vulnerability was found in libssh, where an uninitialized variable exists under certain conditions in the privatekey_from_file() function. This flaw can be triggered if the file specified by the filename doesn't exist and may lead to possible signing failures or heap corruption.

Affected products

rhcos
libssh
  • <0.11.2
libssh2

Matching in nixpkgs

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

Package maintainers

Untriaged
Permalink CVE-2025-5987
created 4 months, 3 weeks ago
Libssh: invalid return code for chacha20 poly1305 with openssl backend

A flaw was found in libssh when using the ChaCha20 cipher with the OpenSSL library. If an attacker manages to exhaust the heap space, this error is not detected and may lead to libssh using a partially initialized cipher context. This occurs because the OpenSSL error code returned aliases with the SSH_OK code, resulting in libssh not properly detecting the error returned by the OpenSSL library. This issue can lead to undefined behavior, including compromised data confidentiality and integrity or crashes.

Affected products

rhcos
  • *
libssh
  • <0.11.2
  • *
libssh2

Matching in nixpkgs

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

Package maintainers