Tux Machines

Do you waddle the waddle?

Other Sites

LinuxGizmos.com

Red Pitaya and Texas Instruments Collaborate on New STEMlab Boards for High-Performance Data Acquisition

Red Pitaya has unveiled new open-source STEMlab TI boards developed with Texas Instruments for demanding signal processing tasks in photonics, sensing, and laboratory automation. By incorporating TI’s precision analog components, the boards aim to combine accuracy and low jitter in a compact design.

RoyalBlue54L Feather with Nordic nRF54L15 and RISC-V Coprocessor for Thread, Matter, and Zigbee

The RoyalBlue54L Feather is an upcoming development board designed to deliver a full-featured experience in the familiar Feather footprint. This board integrates Nordic’s next-generation nRF54L15, targeting developers working on modern wireless IoT applications.

Shuttle NT10H Leverages Intel Core Ultra and Available in Barebones option

The Shuttle NT10H is part of the XPC nano lineup and is designed as a compact, NUC-style mini PC for multitasking and heavier workloads. It uses Intel Core Ultra processors based on the Meteor Lake architecture, combining CPU cores, integrated Intel Arc graphics, and a dedicated AI Boost NPU providing up to 34 TOPS of AI performance.

YY3588 Development Board with up to 32GB RAM, 2.5GbE Port and Onboard NFC

Youyeetoo has just launched a platform based on Rockchip’s RK3588 SoC with a modular system-on-module design, targeting industrial automation and edge IoT projects that demand high performance and flexible connectivity. Key features include Wi-Fi and Bluetooth support, optional 4G connectivity, and dual RJ45 Ethernet ports, including a 1GbE and an extra 2.5GbE port.

Internet Society

Dangerous US Supreme Court Decision for Online Privacy and Security

The United States Supreme Court last week ruled that a state age verification law is constitutional. As the Internet Society argued in a joint legal filing, the Texas law risks the privacy, security, and open nature of the Internet we all rely on.  

How Educators Run the Internet

Just as you can learn to drive a car without having to learn to make one (but would prefer that whoever built the car had relevant training!), different roles in the Internet ecosystem require different skills.  

9to5Linux

First Arch Linux ISO Release Powered by Linux 6.15 Is Now Available for Download

Arch Linux 2025.07.01 is here as Arch Linux’s ISO snapshot for July 2025 and the first to be powered by the latest Linux 6.15 kernel series, which should give users a boost when detecting hardware, especially on newer devices, but especially on older ones where previous Arch Linux ISOs failed to detect some of the components.

KDE Plasma 6.4.2 Improves the Kicker App Menu Widget, Spectacle, and More

Coming only a week after KDE Plasma 6.4.1, the KDE Plasma 6.4.2 update makes the “New!” badges applied to newly-installed apps in the Kickoff application launcher more appealing and easier to read and lets users activate the power/session actions using the Enter key in the Kicker Application Menu widget.

TUXEDO Stellaris 16 Gen7 Linux Laptop Now Ships with AMD Ryzen 9 CPUs

TUXEDO Stellaris 16 Gen7 was unveiled in late May 2025 with an Intel Core Ultra 9 275HX processor. However, many customers and some of my readers complained that there’s no AMD version of this beautiful masterpiece.

OpenSSH 9.1 released (UPDATED)

posted by Roy Schestowitz on Oct 04, 2022,
updated Oct 05, 2022

OpenSSH 9.1 has just been released. It will be available from the
mirrors listed at https://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: https://www.openssh.com/donations.html
Changes since OpenSSH 9.0 =========================
This release is focused on bug fixing.
Security ========
This release contains fixes for three minor memory safety problems. None are believed to be exploitable, but we report most memory safety problems as potential security vulnerabilities out of caution.
* ssh-keyscan(1): fix a one-byte overflow in SSH- banner processing. Reported by Qualys
* ssh-keygen(1): double free() in error path of file hashing step in signing/verify code; GHPR333
* ssh-keysign(8): double-free in error path introduced in openssh-8.9
Potentially-incompatible changes --------------------------------
* The portable OpenSSH project now signs commits and release tags using git's recent SSH signature support. The list of developer signing keys is included in the repository as .git_allowed_signers and is cross-signed using the PGP key that is still used to sign release artifacts: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
* ssh(1), sshd(8): SetEnv directives in ssh_config and sshd_config are now first-match-wins to match other directives. Previously if an environment variable was multiply specified the last set value would have been used. bz3438
* ssh-keygen(8): ssh-keygen -A (generate all default host key types) will no longer generate DSA keys, as these are insecure and have not been used by default for some years.
New features ------------
* ssh(1), sshd(8): add a RequiredRSASize directive to set a minimum RSA key length. Keys below this length will be ignored for user authentication and for host authentication in sshd(8).
ssh(1) will terminate a connection if the server offers an RSA key that falls below this limit, as the SSH protocol does not include the ability to retry a failed key exchange.
* sftp-server(8): add a "users-groups-by-id@openssh.com" extension request that allows the client to obtain user/group names that correspond to a set of uids/gids.
* sftp(1): use "users-groups-by-id@openssh.com" sftp-server extension (when available) to fill in user/group names for directory listings.
* sftp-server(8): support the "home-directory" extension request defined in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the existing "expand-path@openssh.com", but some other clients support it.
* ssh-keygen(1), sshd(8): allow certificate validity intervals, sshsig verification times and authorized_keys expiry-time options to accept dates in the UTC time zone in addition to the default of interpreting them in the system time zone. YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed with a 'Z' character.
Also allow certificate validity intervals to be specified in raw seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This is intended for use by regress tests and other tools that call ssh-keygen as part of a CA workflow. bz3468
* sftp(1): allow arguments to the sftp -D option, e.g. sftp -D "/usr/libexec/sftp-server -el debug3"
* ssh-keygen(1): allow the existing -U (use agent) flag to work with "-Y sign" operations, where it will be interpreted to require that the private keys is hosted in an agent; bz3429
Bugfixes --------
* ssh-keygen(1): implement the "verify-required" certificate option. This was already documented when support for user-verified FIDO keys was added, but the ssh-keygen(1) code was missing.
* ssh-agent(1): hook up the restrict_websafe command-line flag; previously the flag was accepted but never actually used.
* sftp(1): improve filename tab completions: never try to complete names to non-existent commands, and better match the completion type (local or remote filename) against the argument position being completed.
* ssh-keygen(1), ssh(1), ssh-agent(1): several fixes to FIDO key handling, especially relating to keys that request user-verification. These should reduce the number of unnecessary PIN prompts for keys that support intrinsic user verification. GHPR302, GHPR329
* ssh-keygen(1): when enrolling a FIDO resident key, check if a credential with matching application and user ID strings already exists and, if so, prompt the user for confirmation before overwriting the credential. GHPR329
* sshd(8): improve logging of errors when opening authorized_keys files. bz2042
* ssh(1): avoid multiplexing operations that could cause SIGPIPE from causing the client to exit early. bz3454
* ssh_config(5), sshd_config(5): clarify that the RekeyLimit directive applies to both transmitted and received data. GHPR328
* ssh-keygen(1): avoid double fclose() in error path.
* sshd(8): log an error if pipe() fails while accepting a connection. bz3447
* ssh(1), ssh-keygen(1): fix possible NULL deref when built without FIDO support. bz3443
* ssh-keyscan(1): add missing *-sk types to ssh-keyscan manpage. GHPR294.
* sshd(8): ensure that authentication passwords are cleared from memory in error paths. GHPR286
* ssh(1), ssh-agent(1): avoid possibility of notifier code executing kill(-1). GHPR286
* ssh_config(5): note that the ProxyJump directive also accepts the same tokens as ProxyCommand. GHPR305.
* scp(1): do not not ftruncate(3) files early when in sftp mode. The previous behaviour of unconditionally truncating the destination file would cause "scp ~/foo localhost:foo" and the reverse "scp localhost:foo ~/foo" to delete all the contents of their destination. bz3431
* ssh-keygen(1): improve error message when 'ssh-keygen -Y sign' is unable to load a private key; bz3429
* sftp(1), scp(1): when performing operations that glob(3) a remote path, ensure that the implicit working directory used to construct that path escapes glob(3) characters. This prevents glob characters from being processed in places they shouldn't, e.g. "cd /tmp/a*/", "get *.txt" should have the get operation treat the path "/tmp/a*" literally and not attempt to expand it.
* ssh(1), sshd(8): be stricter in which characters will be accepted in specifying a mask length; allow only 0-9. GHPR278
* ssh-keygen(1): avoid printing hash algorithm twice when dumping a KRL
* ssh(1), sshd(8): continue running local I/O for open channels during SSH transport rekeying. This should make ~-escapes work in the client (e.g. to exit) if the connection happened to have stalled during a rekey event.
* ssh(1), sshd(8): avoid potential poll() spin during rekeying
* Further hardening for sshbuf internals: disallow "reparenting" a hierarchical sshbuf and zero the entire buffer if reallocation fails. GHPR287
Portability -----------
* ssh(1), ssh-keygen(1), sshd(8): automatically enable the built-in FIDO security key support if libfido2 is found and usable, unless --without-security-key-builtin was requested.
* ssh(1), ssh-keygen(1), sshd(8): many fixes to make the WinHello FIDO device usable on Cygwin. The windows://hello FIDO device will be automatically used by default on this platform unless requested otherwise, or when probing resident FIDO credentials (an operation not currently supported by WinHello).
* Portable OpenSSH: remove workarounds for obsolete and unsupported versions of OpenSSL libcrypto. In particular, this release removes fallback support for OpenSSL that lacks AES-CTR or AES-GCM.
Those AES cipher modes were added to OpenSSL prior to the minimum version currently supported by OpenSSH, so this is not expected to impact any currently supported configurations.
* sshd(8): fix SANDBOX_SECCOMP_FILTER_DEBUG on current Linux/glibc
* All: resync and clean up internal CSPRNG code.
* scp(1), sftp(1), sftp-server(8): avoid linking these programs with unnecessary libraries. They are no longer linked against libz and libcrypto. This may be of benefit to space constrained systems using any of those components in isolation.
* sshd(8): add AUDIT_ARCH_PPC to supported seccomp sandbox architectures.
* configure: remove special casing of crypt(). configure will no longer search for crypt() in libcrypto, as it was removed from there years ago. configure will now only search libc and libcrypt.
* configure: refuse to use OpenSSL 3.0.4 due to potential RCE in its RSA implementation (CVE-2022-2274) on x86_64.
* All: request 1.1x API compatibility for OpenSSL >=3.x; GHPR#322
* ssh(1), ssh-keygen(1), sshd(8): fix a number of missing includes required by the XMSS code on some platforms.
* sshd(8): cache timezone data in capsicum sandbox.
Checksums: ==========
- SHA1 (openssh-9.1.tar.gz) = 3ae2d6a3a695d92778c4c4567dcd6ad481092f6c - SHA256 (openssh-9.1.tar.gz) = QKfVArlcItV+e8V1Th85TL5//5d/AvOUhYOeHMDEGuE=
- SHA1 (openssh-9.1p1.tar.gz) = 15545440268967511d3194ebf20bcd0c7ff3fcc9 - SHA256 (openssh-9.1p1.tar.gz) = GfhQCcfj4jeH8CNvuxV4OSq01L+fjsX+a8HNfov90og=
Please note that the SHA256 signatures are base64 encoded and not hexadecimal (which is the default for most checksum tools). The PGP key used to sign the releases is available from the mirror sites: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
Reporting Bugs: ===============
- Please read https://www.openssh.com/report.html Security bugs should be reported directly to openssh@openssh.com

UPDATE

A couple of reference pages:

Other Recent Tux Machines' Posts

Google Outsources Agent2Agent to Microsoft Proprietary Jail (GitHub), Linux Foundation is Openwashing Dangerous Hype
Some LF openwash
Steam and Linux gaming is safe: Fedora will not drop 32-bit support after all — dev says proposal was 'not some conspiracy to break the gaming use case'
Maintaining 32-bit support will allow Steam to keep functioning on popular Linux distribution
KDE Plasma 6.4.2 Improves the Kicker App Menu Widget, Spectacle, and More
KDE Plasma 6.4.2 is now available as the second maintenance update to the latest KDE Plasma 6.4 desktop environment series with more fixes.
Liberux NEXX Linux phone with RK3588S and 32GB RAM hits Indiegogo
But the Liberux NEXX is a work-in-progress Linux phone that could be the most powerful to date
digiKam 8.7 Adds New Tool to Perform Auto-Rotation Based on Content Analysis
digiKam 8.7 has been released today as the latest stable version of this open-source, free, and cross-platform dynamic digital asset manager and image editor, providing professional-grade photo management.
French city of Lyon ditching Microsoft for FOSS
The French city of Lyon has decided to ditch Microsoft’s Office suite and plans to adopt Linux and PostgreSQL
Bcachefs may be headed out of the kernel
2 stories
PI(M)P Your Clock
You may have read about my new-found fondness for Plasma’s Clock app
Software: Incus 6.14, Wireplumber, GNU Health Hospital Information System 5.0, App Center, and More
Some software updates
 
today's leftovers
with GNU/Linux focus
Free, Libre, and Open Source Software and Standards
mostly FOSS leftovers
Open Hardware/Modding: Radxa, Olimex, Arduino, and More
Hardware picks
Red Hat Leftovers
good and bad
Updates From Debian Developers and Sparky
mostly Debian work
Audiocasts/Shows: Ask Noah Show, Chimera GNU/Linux vs XLibre, What’s in the SOSS?
some shows or recordings
Barry Kauler on PKGget in EasyOS
some updates from Barry Kauler on PKGget
Applications: Linux App Release Roundup, GNU Health Hospital Information System 5.0, GnuCash, and OsmAnd
Application-related picks
Games: Pixel Wheels, Godot 4.5 Beta 2, and Bazzite on the Steam Deck
Gaming related picks
Kernel and Graphics: Linus Torvalds, Jonathan Corbet, Dave Airlie, Mike Blumenkrantz
kernel stuff
today's howtos
many howtos
Security Leftovers
patches and more
Zabbix 7.4 Open-Source Monitoring Tool Released
Zabbix 7.4 is out now, delivering new templates, enhanced TLS support
today's leftovers
half a dozen more picks
Best Free and Open Source Software
Only free and open source software is eligible for inclusion. Open source software at its finest
Security and Windows TCO Leftovers
mostly Windows TCO stories
Red Hat and Fedora Leftovers
mostly Red Hat stuff
Canonical/Ubuntu Leftovers
Newsletter and more
Open Hardware/Modding: Raspberry Pi, Purism, and More
Hardware leftovers
Games: PCSX2, Steam Deck, MangoHud, and More
half a dozen stories from GamingOnLinux
Today in Techrights
Some of the latest articles
First Arch Linux ISO Release Powered by Linux 6.15 Is Now Available for Download
This is your friendly reminder that there’s a new ISO snapshot available for the Arch Linux distribution that incorporates the latest and greatest GNU/Linux technologies, including Linux kernel 6.15.
GNU/Linux Leftovers
GNU/Linux-centric news picks
Free, Libre, and Open Source Software Leftovers
FOSS and openwash
Latest on Debian and Ubuntu
some small updates from both
Open Hardware/Modding: Raspberry Pi and More
mostly Raspberry Pi
Cache vs. Database, PostgreSQL Latest, and Time Series Databases
DB-related picks
Programming Leftovers
Development picks
Red Hat Official Site: Latest Blog Posts
5 new ones
Windows Loses Its Grip, BSD and GNU/Linux Gain
some desktop updates
Audiocasts/Shows: Destination Linux and Late Night Linux
2 new episodes
Get retro vibe on GNU/Linux and multitouch gestures
some software recommendations
Android Leftovers
Why a OnePlus ban could ruin Android phones in the US as we know them
Nginx Proxy Manager 2.12.4 Released with Certbot Enhancements
Nginx Proxy Manager 2.12.4 lands with API schema fixes
Fedora 43 won't drop 32-bit app support – or adopt Xlibre
Community vetoes plans to axe i686 compatibility and switch X11 forks
Linus Torvalds hints Bcachefs may get dropped from the Linux kernel
Kernel 6.16 may be the last with the new disk format
IPFire 2.29 - Core Update 196 is available for testing
Hot on the heels of our recent WireGuard release
MODICIA O.S. – Linux multimedia distribution
MODICIA O.S. is a multimedia distribution designed primarily for musicians, graphic designers and video makers
Jekyll Publishing on FreeBSD
I switched to static website generation with Jekyll in 2019 (probably because of Carl Schwan
Plasma 6.4 Wayland vs X11 desktop performance numbers
Last Thursday, I published my review of the latest version of the fantastic Plasma desktop environment
Ubuntu 24.10 Support Ends July 10th – Upgrade Soon
Time is nearly up on Ubuntu 24.10 ‘Oracular Oriole’, which goes End of Life (EOL) on July 10, 2025
7 things every Linux beginner should know before downloading their first distro
I can still remember the moment I switched from Windows to Linux
Linux 6.16-rc4
new RC is out
4 Linux distros that can't be upgraded on autopilot - and why they're still worth trying
Some Linux distributions are more demanding
today's howtos
another batch for today
TUXEDO Stellaris 16 Gen7 Linux Laptop Now Ships with AMD Ryzen 9 CPUs
Linux hardware vendor TUXEDO Computers announced that their TUXEDO Stellaris 16 Gen7 laptop can now be purchased with an AMD processor too, namely the AMD Ryzen 9 9955HX and 9955HX3D.
Hardware With GNU/Linux and ARM, non-x86
some hardware picks
Steam Client Now Enables Proton by Default for Games without Native Linux Builds
Valve released a new stable Steam Client update today, bringing a few interesting changes for Linux gamers, as well as various other enhancements and bug fixes.
Fedora Linux Won't Kill 32-Bit Software, for Now
A proposal to drop all support for 32-bit software in the distant Fedora 44 release has been withdrawn after backlash from the community
5 underrated Linux apps I can't live without
I recently made the switch to using Linux full time, leaving Windows behind
9 Great Linux Apps to Try on Your Chromebook
Are you looking for some Linux apps to install on your Chromebook
Choose the GPL instead of a "no attribution" license for your next program
Just because a license is free does not mean it serves the goals of the free software movement well
Ubuntu 25.10 Raises RISC-V Profile Requirements
Canonical is bullish in promoting Ubuntu for RISC-V devices
Free software can strengthen the US healthcare system
Few people who have interacted with the US healthcare system can report a stress-free and cost-effective experience, no matter as a patient or provider
Defending Savannah from DDoS attacks
Savannah is under heavy attack, likely from one or more organizations using a massive botnet to build a dataset for training large language models (LLMs)
Ubuntu and Tuxedo duke it out for Linux on Snapdragon X Elite laptops
So far, Snapdragon X Elite laptops with super-long battery life have only been able to run Windows
I didn't get free software until I became a reverse engineer
Free software can remain an abstract concept until you're staring down the barrel of a 10MB executable in a hex editor
There is no collective freedom without you
This quote is taken from the GNU Manifesto, which was published a few months before the Free Software Foundation's (FSF) founding (forty years ago this October)
Free and Open Source Software, and Review
This is free and open source software
Games: SteamOS 3.7.13, Half-Life, Bubbits, and More
10 stories from GamingOnLinux
Where is it possible to purchase the new Fairphone 6 in the USA?
This is a frequent question we’re getting at Murena
This Week in KDE Apps: Improvements in Photos, KRetro and better keyboard navigation
Welcome to a new issue of "This Week in KDE Apps"! Every week (or so) we cover as much as possible of what's happening in the world of KDE apps
GE-Proton 10-7 and Wine 10.11
Windows compat layer
YY3588 Development Board with up to 32GB RAM, 2.5GbE Port and Onboard NFC
The YY3588 supports Android 14, Debian 12, Ubuntu 22.04, Buildroot
This Debian-based Linux distro is an overlooked and user-friendly gem
This operating system can serve users of all types
New to Linux? Seven things every beginner should know
I can still remember the moment I switched from Windows to Linux
Corporate best practices for upstream open source contributions
When I started getting into Linux and open source over 25 years ago
Today in Techrights
Some of the latest articles
today's leftovers
GNU/Linux, BSD, and more
GNOME and IBM Leftovers
some of the latest work
Open Hardware/Modding: Arduino, Raspberry Pi, and More
hardware leftovers
Programming Leftovers
Development related picks
today's leftovers
3 more stories
today's howtos
many howtos for today
Getting Hot in Here [original]
There will be some good news this week regarding Microsoft's rapid demise
Microsoft "Too Big to Save" (Bailouts), Not "Too Big to Fail" [original]
2025 will be remembered as a significant year not just for GNU/Linux growth but also a rapid fall of Microsoft
Android Leftovers
I slashed my screen time by changing these underrated Android settings
Switching From Desktop Linux To FreeBSD
People have been talking about switching from Windows to Linux since the 1990s
Our Static Site Builder at 3 [original]
If you're still using some PHP stuff to build a site (e.g. WordPress or MediaWiki), consider moving to an SSG
Free and Open Source Software
Minicom is a text-based modem control and terminal emulation program
Review: AxOS 25.06 and 25.01, AlmaLinux OS 10.0
AxOS is an Arch-based, rolling release Linux distribution for the desktop
Orange Pi Nova Teased with Loongson 2K3000 as Loongson Expands Product Line
supported by an expanding Linux-based ecosystem
Microsoft Layoffs This Week (July 2, 2025) [original]
we can expect Microsoft to try to 'hijack' GNU/Linux one way or another
GNU/Linux Leftovers
GNU/Linux focus, 4 stories
Hardware: Espressif, 3D Printing, and Firefox Phones
hardware news
Running a Pi-hole and Self-Hosting a Site
technical articles
Homelab With NixOS and 5 NAS Accessories
self-hosting and maintaining a home lab
today's howtos
Instructionals/Technical articles
Applications: Free Software Alternatives, VirtualBox 7.2.0 Beta 2, and OBS Studio 31.0.4 Hotfix
some software news
Docker-CLI, Portainer, LXCs, VMs, and More
Recent articles about instance management
Today in Techrights
Some of the latest articles
9to5Linux Weekly Roundup: June 29th, 2025
The 246th installment of the 9to5Linux Weekly Roundup is here for the week ending on June 29th, 2025.