Nixpkgs Security Tracker

Login with GitHub

Suggestions search

Untriaged
Filter by:
With package: openssh_hpnWithKerberos

Found 8 matching suggestions

Permalink CVE-2025-48041
created 4 months, 3 weeks ago
SSH_FXP_OPENDIR may Lead to Exhaustion of File Handles

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.

Affected products

ssh
  • *
  • <pkg:otp/ssh@*

Matching in nixpkgs

pkgs.assh

Advanced SSH config - Regex, aliases, gateways, includes and dynamic hosts

  • nixos-unstable -

pkgs.pssh

Parallel SSH Tools

  • nixos-unstable -

pkgs.sshs

Terminal user interface for SSH

  • nixos-unstable -

pkgs.sshx

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.zssh

SSH and Telnet client with ZMODEM file transfer capability

  • nixos-unstable -

pkgs.passh

Sshpass alternative for non-interactive ssh auth

pkgs.sshed

ssh config editor and bookmarks manager

  • nixos-unstable -

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.opkssh

Enables SSH to be used with OpenID Connect

  • nixos-unstable -

pkgs.smassh

TUI based typing test application inspired by MonkeyType

  • nixos-unstable -

pkgs.tarssh

Simple SSH tarpit inspired by endlessh

  • nixos-unstable -

pkgs.webssh

Web based SSH client

  • nixos-unstable -

pkgs.autossh

Automatically restart SSH sessions and tunnels

  • nixos-unstable -

pkgs.lazyssh

Terminal-based SSH manager

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.sshoogr

A Groovy-based DSL for working with remote SSH servers

  • nixos-unstable -

pkgs.sshpass

Non-interactive ssh password auth

  • nixos-unstable -

pkgs.sshping

Measure character-echo latency and bandwidth for an interactive ssh session

  • nixos-unstable -

pkgs.baboossh

Tool to do SSH spreading

  • nixos-unstable -

pkgs.endlessh

SSH tarpit that slowly sends an endless banner

  • nixos-unstable -

pkgs.fast-ssh

TUI tool to use the SSH config for connections

  • nixos-unstable -

pkgs.hyperssh

Run SSH over hyperswarm

  • nixos-unstable -

pkgs.pam_rssh

PAM module for authenticating via ssh-agent, written in Rust

  • nixos-unstable -

pkgs.pfsshell

PFS (PlayStation File System) shell for POSIX-based systems

  • nixos-unstable -

pkgs.ssh-mitm

Tool for SSH security audits

  • nixos-unstable -

pkgs.sshesame

Easy to set up and use SSH honeypot

  • nixos-unstable -

pkgs.sshguard

Protects hosts from brute-force attacks

  • nixos-unstable -

pkgs.sshified

Proxy HTTP requests through SSH

  • nixos-unstable -

pkgs.sshlatex

Collection of hacks to efficiently run LaTeX via ssh

  • nixos-unstable -

pkgs.sshocker

Tool for SSH, reverse sshfs and port forwarder

  • nixos-unstable -

pkgs.sshuttle

Transparent proxy server that works as a poor man's VPN

  • nixos-unstable -

pkgs.guile-ssh

Bindings to Libssh for GNU Guile

  • nixos-unstable -

pkgs.ssh-audit

Tool for ssh server auditing

  • nixos-unstable -

pkgs.ssh-ident

Start and use ssh-agent and load identities as necessary

pkgs.ssh-tools

Making SSH more convenient

  • nixos-unstable -

pkgs.sshportal

Simple, fun and transparent SSH (and telnet) bastion server

  • nixos-unstable -

pkgs.tmux-cssh

SSH to multiple hosts at the same time using tmux

pkgs.trzsz-ssh

SSH client designed as a drop-in replacement for the openssh client

  • nixos-unstable -

pkgs.usbip-ssh

Import usb devices from another linux machine with ssh's connection forwarding mechanism

pkgs.ssh-agents

Spawn and maintain multiple ssh-agents across terminals

  • nixos-unstable -

pkgs.ssh-to-age

Convert ssh private keys in ed25519 format to age keys

  • nixos-unstable -

pkgs.ssh-to-pgp

Convert ssh private keys to PGP

  • nixos-unstable -

pkgs.sshchecker

Dedicated SSH brute-forcing tool

  • nixos-unstable -

pkgs.sshfs-fuse

FUSE-based filesystem that allows remote filesystems to be mounted over SSH

  • nixos-unstable -

pkgs.endlessh-go

Implementation of endlessh exporting Prometheus metrics

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.ssh-copy-id

Tool to copy SSH public keys to a remote machine

  • nixos-unstable -

pkgs.sshx-server

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.ssh-import-id

Retrieves an SSH public key and installs it locally

  • nixos-unstable -

pkgs.ssh-tpm-agent

SSH agent with support for TPM sealed keys for public key authentication

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

pkgs.tkey-ssh-agent

SSH Agent for TKey, the flexible open hardware/software USB security key

  • nixos-unstable -

pkgs.vault-ssh-plus

Automatically use HashiCorp Vault SSH Client Key Signing with ssh(1)

  • nixos-unstable -

pkgs.x11_ssh_askpass

Lightweight passphrase dialog for OpenSSH or other open variants of SSH

pkgs.ssh-openpgp-auth

Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts

  • nixos-unstable -

pkgs.ssh-key-confirmer

Test ssh login key acceptance without having the private key

  • nixos-unstable -

pkgs.sshd-openpgp-auth

Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys

  • nixos-unstable -

pkgs.gnomeExtensions.guake-ssh

Systray menu to connect to SSH hosts configured in ~/.ssh/config or any files in ~/.ssh/config.d/ using Guake.

  • nixos-unstable -
    • nixpkgs-unstable 5

pkgs.gnomeExtensions.ssh-profile-list

SSH Profile List is a GNOME extension that allows you to show SSH connections from .ssh/config file directly from the GNOME panel systray. This extension is fork of https://github.com/pramalho/guake-ssh-extension that modified to run on any terminal.

  • nixos-unstable -
    • nixpkgs-unstable 1

Package maintainers

Permalink CVE-2025-48040
created 4 months, 3 weeks ago
Malicious Key Exchange Messages may Lead to Excessive Resource Consumption

Uncontrolled Resource Consumption vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Flooding. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.

Affected products

ssh
  • *
  • <pkg:otp/ssh@*

Matching in nixpkgs

pkgs.assh

Advanced SSH config - Regex, aliases, gateways, includes and dynamic hosts

  • nixos-unstable -

pkgs.pssh

Parallel SSH Tools

  • nixos-unstable -

pkgs.sshs

Terminal user interface for SSH

  • nixos-unstable -

pkgs.sshx

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.zssh

SSH and Telnet client with ZMODEM file transfer capability

  • nixos-unstable -

pkgs.passh

Sshpass alternative for non-interactive ssh auth

pkgs.sshed

ssh config editor and bookmarks manager

  • nixos-unstable -

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.opkssh

Enables SSH to be used with OpenID Connect

  • nixos-unstable -

pkgs.smassh

TUI based typing test application inspired by MonkeyType

  • nixos-unstable -

pkgs.tarssh

Simple SSH tarpit inspired by endlessh

  • nixos-unstable -

pkgs.webssh

Web based SSH client

  • nixos-unstable -

pkgs.autossh

Automatically restart SSH sessions and tunnels

  • nixos-unstable -

pkgs.lazyssh

Terminal-based SSH manager

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.sshoogr

A Groovy-based DSL for working with remote SSH servers

  • nixos-unstable -

pkgs.sshpass

Non-interactive ssh password auth

  • nixos-unstable -

pkgs.sshping

Measure character-echo latency and bandwidth for an interactive ssh session

  • nixos-unstable -

pkgs.baboossh

Tool to do SSH spreading

  • nixos-unstable -

pkgs.endlessh

SSH tarpit that slowly sends an endless banner

  • nixos-unstable -

pkgs.fast-ssh

TUI tool to use the SSH config for connections

  • nixos-unstable -

pkgs.hyperssh

Run SSH over hyperswarm

  • nixos-unstable -

pkgs.pam_rssh

PAM module for authenticating via ssh-agent, written in Rust

  • nixos-unstable -

pkgs.pfsshell

PFS (PlayStation File System) shell for POSIX-based systems

  • nixos-unstable -

pkgs.ssh-mitm

Tool for SSH security audits

  • nixos-unstable -

pkgs.sshesame

Easy to set up and use SSH honeypot

  • nixos-unstable -

pkgs.sshguard

Protects hosts from brute-force attacks

  • nixos-unstable -

pkgs.sshified

Proxy HTTP requests through SSH

  • nixos-unstable -

pkgs.sshlatex

Collection of hacks to efficiently run LaTeX via ssh

  • nixos-unstable -

pkgs.sshocker

Tool for SSH, reverse sshfs and port forwarder

  • nixos-unstable -

pkgs.sshuttle

Transparent proxy server that works as a poor man's VPN

  • nixos-unstable -

pkgs.guile-ssh

Bindings to Libssh for GNU Guile

  • nixos-unstable -

pkgs.ssh-audit

Tool for ssh server auditing

  • nixos-unstable -

pkgs.ssh-ident

Start and use ssh-agent and load identities as necessary

pkgs.ssh-tools

Making SSH more convenient

  • nixos-unstable -

pkgs.sshportal

Simple, fun and transparent SSH (and telnet) bastion server

  • nixos-unstable -

pkgs.tmux-cssh

SSH to multiple hosts at the same time using tmux

pkgs.trzsz-ssh

SSH client designed as a drop-in replacement for the openssh client

  • nixos-unstable -

pkgs.usbip-ssh

Import usb devices from another linux machine with ssh's connection forwarding mechanism

pkgs.ssh-agents

Spawn and maintain multiple ssh-agents across terminals

  • nixos-unstable -

pkgs.ssh-to-age

Convert ssh private keys in ed25519 format to age keys

  • nixos-unstable -

pkgs.ssh-to-pgp

Convert ssh private keys to PGP

  • nixos-unstable -

pkgs.sshchecker

Dedicated SSH brute-forcing tool

  • nixos-unstable -

pkgs.sshfs-fuse

FUSE-based filesystem that allows remote filesystems to be mounted over SSH

  • nixos-unstable -

pkgs.endlessh-go

Implementation of endlessh exporting Prometheus metrics

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.ssh-copy-id

Tool to copy SSH public keys to a remote machine

  • nixos-unstable -

pkgs.sshx-server

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.ssh-import-id

Retrieves an SSH public key and installs it locally

  • nixos-unstable -

pkgs.ssh-tpm-agent

SSH agent with support for TPM sealed keys for public key authentication

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

pkgs.tkey-ssh-agent

SSH Agent for TKey, the flexible open hardware/software USB security key

  • nixos-unstable -

pkgs.vault-ssh-plus

Automatically use HashiCorp Vault SSH Client Key Signing with ssh(1)

  • nixos-unstable -

pkgs.x11_ssh_askpass

Lightweight passphrase dialog for OpenSSH or other open variants of SSH

pkgs.ssh-openpgp-auth

Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts

  • nixos-unstable -

pkgs.ssh-key-confirmer

Test ssh login key acceptance without having the private key

  • nixos-unstable -

pkgs.sshd-openpgp-auth

Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys

  • nixos-unstable -

pkgs.gnomeExtensions.guake-ssh

Systray menu to connect to SSH hosts configured in ~/.ssh/config or any files in ~/.ssh/config.d/ using Guake.

  • nixos-unstable -
    • nixpkgs-unstable 5

pkgs.gnomeExtensions.ssh-profile-list

SSH Profile List is a GNOME extension that allows you to show SSH connections from .ssh/config file directly from the GNOME panel systray. This extension is fork of https://github.com/pramalho/guake-ssh-extension that modified to run on any terminal.

  • nixos-unstable -
    • nixpkgs-unstable 1

Package maintainers

Permalink CVE-2025-48038
created 4 months, 3 weeks ago
Unverified File Handles can Cause Excessive Use of System Resources

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.

Affected products

ssh
  • *
  • <pkg:otp/ssh@*

Matching in nixpkgs

pkgs.assh

Advanced SSH config - Regex, aliases, gateways, includes and dynamic hosts

  • nixos-unstable -

pkgs.pssh

Parallel SSH Tools

  • nixos-unstable -

pkgs.sshs

Terminal user interface for SSH

  • nixos-unstable -

pkgs.sshx

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.zssh

SSH and Telnet client with ZMODEM file transfer capability

  • nixos-unstable -

pkgs.passh

Sshpass alternative for non-interactive ssh auth

pkgs.sshed

ssh config editor and bookmarks manager

  • nixos-unstable -

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.opkssh

Enables SSH to be used with OpenID Connect

  • nixos-unstable -

pkgs.smassh

TUI based typing test application inspired by MonkeyType

  • nixos-unstable -

pkgs.tarssh

Simple SSH tarpit inspired by endlessh

  • nixos-unstable -

pkgs.webssh

Web based SSH client

  • nixos-unstable -

pkgs.autossh

Automatically restart SSH sessions and tunnels

  • nixos-unstable -

pkgs.lazyssh

Terminal-based SSH manager

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.sshoogr

A Groovy-based DSL for working with remote SSH servers

  • nixos-unstable -

pkgs.sshpass

Non-interactive ssh password auth

  • nixos-unstable -

pkgs.sshping

Measure character-echo latency and bandwidth for an interactive ssh session

  • nixos-unstable -

pkgs.baboossh

Tool to do SSH spreading

  • nixos-unstable -

pkgs.endlessh

SSH tarpit that slowly sends an endless banner

  • nixos-unstable -

pkgs.fast-ssh

TUI tool to use the SSH config for connections

  • nixos-unstable -

pkgs.hyperssh

Run SSH over hyperswarm

  • nixos-unstable -

pkgs.pam_rssh

PAM module for authenticating via ssh-agent, written in Rust

  • nixos-unstable -

pkgs.pfsshell

PFS (PlayStation File System) shell for POSIX-based systems

  • nixos-unstable -

pkgs.ssh-mitm

Tool for SSH security audits

  • nixos-unstable -

pkgs.sshesame

Easy to set up and use SSH honeypot

  • nixos-unstable -

pkgs.sshguard

Protects hosts from brute-force attacks

  • nixos-unstable -

pkgs.sshified

Proxy HTTP requests through SSH

  • nixos-unstable -

pkgs.sshlatex

Collection of hacks to efficiently run LaTeX via ssh

  • nixos-unstable -

pkgs.sshocker

Tool for SSH, reverse sshfs and port forwarder

  • nixos-unstable -

pkgs.sshuttle

Transparent proxy server that works as a poor man's VPN

  • nixos-unstable -

pkgs.guile-ssh

Bindings to Libssh for GNU Guile

  • nixos-unstable -

pkgs.ssh-audit

Tool for ssh server auditing

  • nixos-unstable -

pkgs.ssh-ident

Start and use ssh-agent and load identities as necessary

pkgs.ssh-tools

Making SSH more convenient

  • nixos-unstable -

pkgs.sshportal

Simple, fun and transparent SSH (and telnet) bastion server

  • nixos-unstable -

pkgs.tmux-cssh

SSH to multiple hosts at the same time using tmux

pkgs.trzsz-ssh

SSH client designed as a drop-in replacement for the openssh client

  • nixos-unstable -

pkgs.usbip-ssh

Import usb devices from another linux machine with ssh's connection forwarding mechanism

pkgs.ssh-agents

Spawn and maintain multiple ssh-agents across terminals

  • nixos-unstable -

pkgs.ssh-to-age

Convert ssh private keys in ed25519 format to age keys

  • nixos-unstable -

pkgs.ssh-to-pgp

Convert ssh private keys to PGP

  • nixos-unstable -

pkgs.sshchecker

Dedicated SSH brute-forcing tool

  • nixos-unstable -

pkgs.sshfs-fuse

FUSE-based filesystem that allows remote filesystems to be mounted over SSH

  • nixos-unstable -

pkgs.endlessh-go

Implementation of endlessh exporting Prometheus metrics

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.ssh-copy-id

Tool to copy SSH public keys to a remote machine

  • nixos-unstable -

pkgs.sshx-server

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.ssh-import-id

Retrieves an SSH public key and installs it locally

  • nixos-unstable -

pkgs.ssh-tpm-agent

SSH agent with support for TPM sealed keys for public key authentication

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

pkgs.tkey-ssh-agent

SSH Agent for TKey, the flexible open hardware/software USB security key

  • nixos-unstable -

pkgs.vault-ssh-plus

Automatically use HashiCorp Vault SSH Client Key Signing with ssh(1)

  • nixos-unstable -

pkgs.x11_ssh_askpass

Lightweight passphrase dialog for OpenSSH or other open variants of SSH

pkgs.ssh-openpgp-auth

Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts

  • nixos-unstable -

pkgs.ssh-key-confirmer

Test ssh login key acceptance without having the private key

  • nixos-unstable -

pkgs.sshd-openpgp-auth

Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys

  • nixos-unstable -

pkgs.gnomeExtensions.guake-ssh

Systray menu to connect to SSH hosts configured in ~/.ssh/config or any files in ~/.ssh/config.d/ using Guake.

  • nixos-unstable -
    • nixpkgs-unstable 5

pkgs.gnomeExtensions.ssh-profile-list

SSH Profile List is a GNOME extension that allows you to show SSH connections from .ssh/config file directly from the GNOME panel systray. This extension is fork of https://github.com/pramalho/guake-ssh-extension that modified to run on any terminal.

  • nixos-unstable -
    • nixpkgs-unstable 1

Package maintainers

Permalink CVE-2025-48039
created 4 months, 3 weeks ago
Unverified Paths can Cause Excessive Use of System Resources

Allocation of Resources Without Limits or Throttling vulnerability in Erlang OTP ssh (ssh_sftp modules) allows Excessive Allocation, Resource Leak Exposure. This vulnerability is associated with program files lib/ssh/src/ssh_sftpd.erl. This issue affects OTP form OTP 17.0 until OTP 28.0.3, OTP 27.3.4.3 and 26.2.5.15 corresponding to ssh from 3.0.1 until 5.3.3, 5.2.11.3 and 5.1.4.12.

Affected products

ssh
  • <pkg:otp/ssh@*
  • *

Matching in nixpkgs

pkgs.assh

Advanced SSH config - Regex, aliases, gateways, includes and dynamic hosts

  • nixos-unstable -

pkgs.pssh

Parallel SSH Tools

  • nixos-unstable -

pkgs.sshs

Terminal user interface for SSH

  • nixos-unstable -

pkgs.sshx

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.zssh

SSH and Telnet client with ZMODEM file transfer capability

  • nixos-unstable -

pkgs.passh

Sshpass alternative for non-interactive ssh auth

pkgs.sshed

ssh config editor and bookmarks manager

  • nixos-unstable -

pkgs.libssh

SSH client library

  • nixos-unstable -

pkgs.opkssh

Enables SSH to be used with OpenID Connect

  • nixos-unstable -

pkgs.smassh

TUI based typing test application inspired by MonkeyType

  • nixos-unstable -

pkgs.tarssh

Simple SSH tarpit inspired by endlessh

  • nixos-unstable -

pkgs.webssh

Web based SSH client

  • nixos-unstable -

pkgs.autossh

Automatically restart SSH sessions and tunnels

  • nixos-unstable -

pkgs.lazyssh

Terminal-based SSH manager

  • nixos-unstable -

pkgs.libssh2

Client-side C library implementing the SSH2 protocol

  • nixos-unstable -

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.sshoogr

A Groovy-based DSL for working with remote SSH servers

  • nixos-unstable -

pkgs.sshpass

Non-interactive ssh password auth

  • nixos-unstable -

pkgs.sshping

Measure character-echo latency and bandwidth for an interactive ssh session

  • nixos-unstable -

pkgs.baboossh

Tool to do SSH spreading

  • nixos-unstable -

pkgs.endlessh

SSH tarpit that slowly sends an endless banner

  • nixos-unstable -

pkgs.fast-ssh

TUI tool to use the SSH config for connections

  • nixos-unstable -

pkgs.hyperssh

Run SSH over hyperswarm

  • nixos-unstable -

pkgs.pam_rssh

PAM module for authenticating via ssh-agent, written in Rust

  • nixos-unstable -

pkgs.pfsshell

PFS (PlayStation File System) shell for POSIX-based systems

  • nixos-unstable -

pkgs.ssh-mitm

Tool for SSH security audits

  • nixos-unstable -

pkgs.sshesame

Easy to set up and use SSH honeypot

  • nixos-unstable -

pkgs.sshguard

Protects hosts from brute-force attacks

  • nixos-unstable -

pkgs.sshified

Proxy HTTP requests through SSH

  • nixos-unstable -

pkgs.sshlatex

Collection of hacks to efficiently run LaTeX via ssh

  • nixos-unstable -

pkgs.sshocker

Tool for SSH, reverse sshfs and port forwarder

  • nixos-unstable -

pkgs.sshuttle

Transparent proxy server that works as a poor man's VPN

  • nixos-unstable -

pkgs.guile-ssh

Bindings to Libssh for GNU Guile

  • nixos-unstable -

pkgs.ssh-audit

Tool for ssh server auditing

  • nixos-unstable -

pkgs.ssh-ident

Start and use ssh-agent and load identities as necessary

pkgs.ssh-tools

Making SSH more convenient

  • nixos-unstable -

pkgs.sshportal

Simple, fun and transparent SSH (and telnet) bastion server

  • nixos-unstable -

pkgs.tmux-cssh

SSH to multiple hosts at the same time using tmux

pkgs.trzsz-ssh

SSH client designed as a drop-in replacement for the openssh client

  • nixos-unstable -

pkgs.usbip-ssh

Import usb devices from another linux machine with ssh's connection forwarding mechanism

pkgs.ssh-agents

Spawn and maintain multiple ssh-agents across terminals

  • nixos-unstable -

pkgs.ssh-to-age

Convert ssh private keys in ed25519 format to age keys

  • nixos-unstable -

pkgs.ssh-to-pgp

Convert ssh private keys to PGP

  • nixos-unstable -

pkgs.sshchecker

Dedicated SSH brute-forcing tool

  • nixos-unstable -

pkgs.sshfs-fuse

FUSE-based filesystem that allows remote filesystems to be mounted over SSH

  • nixos-unstable -

pkgs.endlessh-go

Implementation of endlessh exporting Prometheus metrics

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.ssh-copy-id

Tool to copy SSH public keys to a remote machine

  • nixos-unstable -

pkgs.sshx-server

Fast, collaborative live terminal sharing over the web

  • nixos-unstable -

pkgs.ssh-import-id

Retrieves an SSH public key and installs it locally

  • nixos-unstable -

pkgs.ssh-tpm-agent

SSH agent with support for TPM sealed keys for public key authentication

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

pkgs.tkey-ssh-agent

SSH Agent for TKey, the flexible open hardware/software USB security key

  • nixos-unstable -

pkgs.vault-ssh-plus

Automatically use HashiCorp Vault SSH Client Key Signing with ssh(1)

  • nixos-unstable -

pkgs.x11_ssh_askpass

Lightweight passphrase dialog for OpenSSH or other open variants of SSH

pkgs.ssh-openpgp-auth

Command-line tool that provides client-side functionality to transparently verify the identity of remote SSH hosts

  • nixos-unstable -

pkgs.ssh-key-confirmer

Test ssh login key acceptance without having the private key

  • nixos-unstable -

pkgs.sshd-openpgp-auth

Command-line tool for creating and managing OpenPGP based trust anchors for SSH host keys

  • nixos-unstable -

pkgs.gnomeExtensions.guake-ssh

Systray menu to connect to SSH hosts configured in ~/.ssh/config or any files in ~/.ssh/config.d/ using Guake.

  • nixos-unstable -
    • nixpkgs-unstable 5

pkgs.gnomeExtensions.ssh-profile-list

SSH Profile List is a GNOME extension that allows you to show SSH connections from .ssh/config file directly from the GNOME panel systray. This extension is fork of https://github.com/pramalho/guake-ssh-extension that modified to run on any terminal.

  • nixos-unstable -
    • nixpkgs-unstable 1

Package maintainers

Permalink CVE-2025-26466
created 4 months, 3 weeks ago
Openssh: denial-of-service in openssh

A flaw was found in the OpenSSH package. For each ping packet the SSH server receives, a pong packet is allocated in a memory buffer and stored in a queue of packages. It is only freed when the server/client key exchange has finished. A malicious client may keep sending such packages, leading to an uncontrolled increase in memory consumption on the server side. Consequently, the server may become unavailable, resulting in a denial of service attack.

Affected products

rhcos
OpenSSH
  • =<9.9p1
openssh

Matching in nixpkgs

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

Package maintainers

Permalink CVE-2025-26465
created 4 months, 3 weeks ago
Openssh: machine-in-the-middle attack if verifyhostkeydns is enabled

A vulnerability was found in OpenSSH when the VerifyHostKeyDNS option is enabled. A machine-in-the-middle attack can be performed by a malicious machine impersonating a legit server. This issue occurs due to how OpenSSH mishandles error codes in specific conditions when verifying the host key. For an attack to be considered successful, the attacker needs to manage to exhaust the client's memory resource first, turning the attack complexity high.

Affected products

rhcos
OpenSSH
  • =<9.9p1
openssh
  • *
discovery/discovery-server-rhel9
  • *
registry.redhat.io/discovery/discovery-server-rhel9
  • *

Matching in nixpkgs

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

Package maintainers

Permalink CVE-2024-6409
created 4 months, 3 weeks ago
Openssh: possible remote code execution due to a race condition in signal handling affecting red hat enterprise linux 9

A signal handler race condition vulnerability was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog(). This issue leaves it vulnerable to a signal handler race condition on the cleanup_exit() function, which introduces the same vulnerability as CVE-2024-6387 in the unprivileged child of the SSHD server.

Affected products

rhcos
  • *
OpenSSH
openssh
  • *

Matching in nixpkgs

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

Package maintainers

Permalink CVE-2024-6387
created 4 months, 3 weeks ago
Openssh: possible remote code execution due to a race condition in signal handling

A signal handler race condition was found in OpenSSH's server (sshd), where a client does not authenticate within LoginGraceTime seconds (120 by default, 600 in old OpenSSH versions), then sshd's SIGALRM handler is called asynchronously. However, this signal handler calls various functions that are not async-signal-safe, for example, syslog().

Affected products

rhcos
  • *
OpenSSH
  • =<9.7p1
openssh
  • *
rhceph-6-rhel9

Matching in nixpkgs

pkgs.openssh

Implementation of the SSH protocol

  • nixos-unstable -

pkgs.openssh_hpn

Implementation of the SSH protocol with high performance networking patches

  • nixos-unstable -

pkgs.openssh_gssapi

Implementation of the SSH protocol with GSSAPI support

  • nixos-unstable -

Package maintainers