Tux Machines

Do you waddle the waddle?

Other Sites

Internet Society

The Internet Society at WSIS HLE 2025 in Switzerland

The WSIS High-Level Event (HLE) is a global meeting co-organized by the International Telecommunication Union (ITU) and other UN agencies to review progress on the World Summit on the Information Society (WSIS) action lines. It serves as a platform for governments, civil society, the private sector, and international organizations to assess the ICT (Information and Communication Technology) development and their impact on achieving the UN Sustainable Development Goals (SDGs), fostering people-centered, inclusive, and development-oriented information and knowledge societies.

From Experience to Curiosity

When Cheryl Langdon-Orr began her learning journey with the Internet Society, she wasn’t a new learner in the traditional sense. With a career spanning decades in science, psychology, and international business and a history of shaping Internet governance through leadership in Australia’s Internet Society chapter, Cheryl has long been part of the global conversation on how the Internet evolves. Yet, despite her experience, she enrolled in course after course. Why? For Cheryl, learning is more than professional development; it’s a way to lead with credibility and care. 

LinuxGizmos.com

Axiomtek KIWI330 Combines 1.6″ SBC Form Factor with Alder Lake-N Processor

Axiomtek has introduced the KIWI330, an ultra-compact single board computer for edge AIoT projects with limited space. Measuring just 72 mm by 56 mm and 1.6 mm thick, the KIWI330 targets robotics, smart gateways, industrial automation, and other applications needing performance in a small footprint.

Linux-ready Meerkat meer10 Launches with Intel Core Ultra, PCIe Gen5 Storage, and Wi-Fi 7

System76 has updated its compact Linux mini PC lineup with the Meerkat meer10, which builds on its predecessor’s small form factor while adding faster processors, modern storage, and improved connectivity for users who want a capable Linux workstation in a tiny footprint.

(Updated) Bela Upgrades Embedded DSP Platforms with PocketBeagle 2 Support and New Web IDE

Bela.io has unveiled the Gem Stereo and Gem Multi, two new open-source boards that expand PocketBeagle 2 into a real-time digital signal processing platform. Designed for audio and sensor applications, the boards target creative, educational, and research projects requiring low-latency performance and flexible I/O.

RP2350-PiZero Pairs RP2350 Microcontroller with Raspberry Pi Zero Form Factor

Waveshare has launched an embedded platform with a form factor similar to the Raspberry Pi Zero, powered by the RP2350 microcontroller. Key features include a DVI interface for displays and a lithium battery connector for portable applications.

9to5Linux

Debian 13 Installer Now Supports Rescuing of Btrfs Systems Installed via Calamares

The Debian Installer Trixie RC2 release is here with support for rescuing Btrfs systems installed via the Calamares installer, adds support for installing systemd-cryptsetup alongside cryptsetup-initramfs, and adds support for Apple MTP and Apple SPI keyboards as found on ARM-based laptops like M1 MacBook Pro and M2 MacBook Air.

KDE Gear 25.04.3 Released as the Last Update in the KDE Gear 25.04 Series

Coming almost a month after KDE Gear 25.04.2, the KDE Gear 25.04.3 release is here to fix HTML detection inside mobipocket files in the Okular document viewer, as well as limit the number of poll choice and fix a crash that occurred when clicking on “Mark as Read” in the notifications page in the Tokodon client for Mastodon.

Libreboot 25.06 Open-Source BIOS/UEFI Firmware Adds More Hardware Support

Libreboot 25.06 adds support for the Acer Q45T-AM mainboard, which is similar to the G43T-AM3 mainboard, as well as for the Dell Precision T1700 SFF and MT mainboards, updates GRUB, SeaBIOS, Untitled, flashprog, U-Boot, and uefitool to newer revisions, and disables hyperthreading by default for ThinkPad T480/3050micro.

Thunderbird 140 Adds ‘Mark as Spam’ and ‘Mark as Starred’ Actions to Notifications

Highlights of Thunderbird 140 include new ‘Mark as Spam’ and ‘Mark as Starred’ actions to email notifications after the introduction of ‘Mark as Read’ and ‘Delete’ actions in Thunderbird 139, as well as the enablement of the Account Hub by default for the second email setup.

OpenSSH 9.1 released (UPDATED)

posted by Roy Schestowitz on Oct 04, 2022,
updated Oct 05, 2022

OpenSSH 9.1 has just been released. It will be available from the
mirrors listed at https://www.openssh.com/ shortly.

OpenSSH is a 100% complete SSH protocol 2.0 implementation and includes sftp client and server support.
Once again, we would like to thank the OpenSSH community for their continued support of the project, especially those who contributed code or patches, reported bugs, tested snapshots or donated to the project. More information on donations may be found at: https://www.openssh.com/donations.html
Changes since OpenSSH 9.0 =========================
This release is focused on bug fixing.
Security ========
This release contains fixes for three minor memory safety problems. None are believed to be exploitable, but we report most memory safety problems as potential security vulnerabilities out of caution.
* ssh-keyscan(1): fix a one-byte overflow in SSH- banner processing. Reported by Qualys
* ssh-keygen(1): double free() in error path of file hashing step in signing/verify code; GHPR333
* ssh-keysign(8): double-free in error path introduced in openssh-8.9
Potentially-incompatible changes --------------------------------
* The portable OpenSSH project now signs commits and release tags using git's recent SSH signature support. The list of developer signing keys is included in the repository as .git_allowed_signers and is cross-signed using the PGP key that is still used to sign release artifacts: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
* ssh(1), sshd(8): SetEnv directives in ssh_config and sshd_config are now first-match-wins to match other directives. Previously if an environment variable was multiply specified the last set value would have been used. bz3438
* ssh-keygen(8): ssh-keygen -A (generate all default host key types) will no longer generate DSA keys, as these are insecure and have not been used by default for some years.
New features ------------
* ssh(1), sshd(8): add a RequiredRSASize directive to set a minimum RSA key length. Keys below this length will be ignored for user authentication and for host authentication in sshd(8).
ssh(1) will terminate a connection if the server offers an RSA key that falls below this limit, as the SSH protocol does not include the ability to retry a failed key exchange.
* sftp-server(8): add a "users-groups-by-id@openssh.com" extension request that allows the client to obtain user/group names that correspond to a set of uids/gids.
* sftp(1): use "users-groups-by-id@openssh.com" sftp-server extension (when available) to fill in user/group names for directory listings.
* sftp-server(8): support the "home-directory" extension request defined in draft-ietf-secsh-filexfer-extensions-00. This overlaps a bit with the existing "expand-path@openssh.com", but some other clients support it.
* ssh-keygen(1), sshd(8): allow certificate validity intervals, sshsig verification times and authorized_keys expiry-time options to accept dates in the UTC time zone in addition to the default of interpreting them in the system time zone. YYYYMMDD and YYMMDDHHMM[SS] dates/times will be interpreted as UTC if suffixed with a 'Z' character.
Also allow certificate validity intervals to be specified in raw seconds-since-epoch as hex value, e.g. -V 0x1234:0x4567890. This is intended for use by regress tests and other tools that call ssh-keygen as part of a CA workflow. bz3468
* sftp(1): allow arguments to the sftp -D option, e.g. sftp -D "/usr/libexec/sftp-server -el debug3"
* ssh-keygen(1): allow the existing -U (use agent) flag to work with "-Y sign" operations, where it will be interpreted to require that the private keys is hosted in an agent; bz3429
Bugfixes --------
* ssh-keygen(1): implement the "verify-required" certificate option. This was already documented when support for user-verified FIDO keys was added, but the ssh-keygen(1) code was missing.
* ssh-agent(1): hook up the restrict_websafe command-line flag; previously the flag was accepted but never actually used.
* sftp(1): improve filename tab completions: never try to complete names to non-existent commands, and better match the completion type (local or remote filename) against the argument position being completed.
* ssh-keygen(1), ssh(1), ssh-agent(1): several fixes to FIDO key handling, especially relating to keys that request user-verification. These should reduce the number of unnecessary PIN prompts for keys that support intrinsic user verification. GHPR302, GHPR329
* ssh-keygen(1): when enrolling a FIDO resident key, check if a credential with matching application and user ID strings already exists and, if so, prompt the user for confirmation before overwriting the credential. GHPR329
* sshd(8): improve logging of errors when opening authorized_keys files. bz2042
* ssh(1): avoid multiplexing operations that could cause SIGPIPE from causing the client to exit early. bz3454
* ssh_config(5), sshd_config(5): clarify that the RekeyLimit directive applies to both transmitted and received data. GHPR328
* ssh-keygen(1): avoid double fclose() in error path.
* sshd(8): log an error if pipe() fails while accepting a connection. bz3447
* ssh(1), ssh-keygen(1): fix possible NULL deref when built without FIDO support. bz3443
* ssh-keyscan(1): add missing *-sk types to ssh-keyscan manpage. GHPR294.
* sshd(8): ensure that authentication passwords are cleared from memory in error paths. GHPR286
* ssh(1), ssh-agent(1): avoid possibility of notifier code executing kill(-1). GHPR286
* ssh_config(5): note that the ProxyJump directive also accepts the same tokens as ProxyCommand. GHPR305.
* scp(1): do not not ftruncate(3) files early when in sftp mode. The previous behaviour of unconditionally truncating the destination file would cause "scp ~/foo localhost:foo" and the reverse "scp localhost:foo ~/foo" to delete all the contents of their destination. bz3431
* ssh-keygen(1): improve error message when 'ssh-keygen -Y sign' is unable to load a private key; bz3429
* sftp(1), scp(1): when performing operations that glob(3) a remote path, ensure that the implicit working directory used to construct that path escapes glob(3) characters. This prevents glob characters from being processed in places they shouldn't, e.g. "cd /tmp/a*/", "get *.txt" should have the get operation treat the path "/tmp/a*" literally and not attempt to expand it.
* ssh(1), sshd(8): be stricter in which characters will be accepted in specifying a mask length; allow only 0-9. GHPR278
* ssh-keygen(1): avoid printing hash algorithm twice when dumping a KRL
* ssh(1), sshd(8): continue running local I/O for open channels during SSH transport rekeying. This should make ~-escapes work in the client (e.g. to exit) if the connection happened to have stalled during a rekey event.
* ssh(1), sshd(8): avoid potential poll() spin during rekeying
* Further hardening for sshbuf internals: disallow "reparenting" a hierarchical sshbuf and zero the entire buffer if reallocation fails. GHPR287
Portability -----------
* ssh(1), ssh-keygen(1), sshd(8): automatically enable the built-in FIDO security key support if libfido2 is found and usable, unless --without-security-key-builtin was requested.
* ssh(1), ssh-keygen(1), sshd(8): many fixes to make the WinHello FIDO device usable on Cygwin. The windows://hello FIDO device will be automatically used by default on this platform unless requested otherwise, or when probing resident FIDO credentials (an operation not currently supported by WinHello).
* Portable OpenSSH: remove workarounds for obsolete and unsupported versions of OpenSSL libcrypto. In particular, this release removes fallback support for OpenSSL that lacks AES-CTR or AES-GCM.
Those AES cipher modes were added to OpenSSL prior to the minimum version currently supported by OpenSSH, so this is not expected to impact any currently supported configurations.
* sshd(8): fix SANDBOX_SECCOMP_FILTER_DEBUG on current Linux/glibc
* All: resync and clean up internal CSPRNG code.
* scp(1), sftp(1), sftp-server(8): avoid linking these programs with unnecessary libraries. They are no longer linked against libz and libcrypto. This may be of benefit to space constrained systems using any of those components in isolation.
* sshd(8): add AUDIT_ARCH_PPC to supported seccomp sandbox architectures.
* configure: remove special casing of crypt(). configure will no longer search for crypt() in libcrypto, as it was removed from there years ago. configure will now only search libc and libcrypt.
* configure: refuse to use OpenSSL 3.0.4 due to potential RCE in its RSA implementation (CVE-2022-2274) on x86_64.
* All: request 1.1x API compatibility for OpenSSL >=3.x; GHPR#322
* ssh(1), ssh-keygen(1), sshd(8): fix a number of missing includes required by the XMSS code on some platforms.
* sshd(8): cache timezone data in capsicum sandbox.
Checksums: ==========
- SHA1 (openssh-9.1.tar.gz) = 3ae2d6a3a695d92778c4c4567dcd6ad481092f6c - SHA256 (openssh-9.1.tar.gz) = QKfVArlcItV+e8V1Th85TL5//5d/AvOUhYOeHMDEGuE=
- SHA1 (openssh-9.1p1.tar.gz) = 15545440268967511d3194ebf20bcd0c7ff3fcc9 - SHA256 (openssh-9.1p1.tar.gz) = GfhQCcfj4jeH8CNvuxV4OSq01L+fjsX+a8HNfov90og=
Please note that the SHA256 signatures are base64 encoded and not hexadecimal (which is the default for most checksum tools). The PGP key used to sign the releases is available from the mirror sites: https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc
Reporting Bugs: ===============
- Please read https://www.openssh.com/report.html Security bugs should be reported directly to openssh@openssh.com

UPDATE

A couple of reference pages:

Other Recent Tux Machines' Posts

Linux-ready Meerkat meer10 Launches with Intel Core Ultra, PCIe Gen5 Storage, and Wi-Fi 7
System76 has updated its compact Linux mini PC lineup with the Meerkat meer10
Google Outsources Agent2Agent to Microsoft Proprietary Jail (GitHub), Linux Foundation is Openwashing Dangerous Hype
Some LF openwash
Thunderbird 140 ESR Focuses on Enterprise Needs
Thunderbird 140 ESR is out now, bringing smarter notifications, dark mode message rendering
 
Free, Libre, and Open Source Software Leftovers
FOSS and a little about standards
GNU/Linux Leftovers
many GNU/Linux picks
Linux kernel and coreboot news
3 more picks
Applications: Melbourne Roto-Control, Docker Desktop 4.43, and More
Some software news
Open Hardware: Arduino, Raspberry Pi, and More
hardware picks
Programming Leftovers
Development-related stuff
Fedora and Red Hat Leftovers
from IBM's corner of the Web
Hackaday Podcast and More
some video and audio
today's howtos
many howtos
Next-generation EasyOS 6.101 V7alpha and Bluepup fixed in Easy Excalibur
some EasyOS news
These Are the Best Linux Distros to Install on a Mini PC
Mini PCs are versatile computing devices, thanks to their compact design
I ditched Chrome and Firefox for this snappy open-source browser, and it exceeded expectations
I may have struck gold with the Thorium browser
today's leftovers
3 more stories
Games: OpenMW 0.49, Proton 10.0-2, SteamOS / Steam Deck
gaming picks
Free and Open Source Software
This is free and open source software
Gnuinos – spin of Devuan Linux
Gnuinos is a spin of Devuan Linux consisting exclusively of Free Software (as defined by the Free Software Foundation) and a choice of several alternative init systems
This Week in Plasma: chugging along
Welcome to a new issue of This Week in Plasma
This Week in GNOME: #207 Replacing Shortcuts
Update on what happened across the GNOME project in the week from June 27 to July 04
Alternate reality - Ubuntu with Plasma
Back in 2017, Canonical decided to stop the development of its homegrown Unity desktop
Plasma 6.4 Wayland vs X11, processor and power benchmarks
I love me a good mystery. Although I'm not happy and I'm rather worried about the direction the Linux home desktop is going
Bluestar Linux: Arch Power, User-Friendly Polish
Think Arch is only for the hardcore? Bluestar Linux rewrites the rules—delivering power, polish, and zero intimidation
Get in losers, we're moving to Linux!
You'll notice a trend here, which is that Arch Linux, a notoriously "difficult" distribution
Today in Techrights
Some of the latest articles
GNU/Linux Leftovers
Red Hat, SUSE, and more
Security Leftovers
Security picks
Applications: tmux-rs, Kiwi TCMS, and Wayback
some software news
Programming Leftovers
Development leftovers
Open Hardware: Arduino, NanoPi, Fairphone, and More
Hardware picks
Web Browsers/Tools: curl user survey 2025 and Vivaldi Browser 7.5
WWW leftovers
Audiocasts/Shows/Videos: Kill -9 Song, BSD Now, and More
4 new picks
today's howtos
many from idroot
Canonical/Ubuntu Leftovers
3 links for today
Latest Tumbleweed Update Marks Myrlyn’s Introduction
The latest openSUSE Tumbleweed update brings Myrlyn
Our small team vs millions of bots
Read the latest update from the FSF tech team
French city of Lyon ditching Microsoft for FOSS
The French city of Lyon has decided to ditch Microsoft’s Office suite and plans to adopt Linux and PostgreSQL
COSMIC Desktop Lands in Void Linux
COSMIC Desktop is now available on Void Linux
GIMP 3.2 Promises New Paint Mode, Support for Importing Photoshop Patterns
The GIMP project released today GIMP 3.1.2 as the first development version of the next major release of this open-source, free, and cross-platform image editing software, GIMP 3.2.
Free and Open Source Software
This is free and open source software
Who Really Built Linux? The Truth Behind the Code
Everything was ready except the heart of the system — the kernel
Mesa 25.1.5 Released
now out
Games: Lockdowns, Steam Deck, and More
news about gaming
Open Hardware/Modding: Raspberry Pi, PocketBeagle, and More
hardware picks
Today in Techrights
Some of the latest articles
Libreboot 25.06 “Luminous Lemon” released!
Today’s Libreboot 25.06 revision is a stable release
KDE Gear 25.04.3 Released as the Last Update in the KDE Gear 25.04 Series
The KDE Project released today KDE Gear 25.04.3 as the third and last maintenance update to the latest KDE Gear 25.04 open-source software suite series to address various issues in your favorite KDE apps.
Debian 13 Installer Now Supports Rescuing of Btrfs Systems Installed via Calamares
The Debian Project released the second Release Candidate (RC2) of the Debian Installer for the upcoming Debian GNU/Linux 13 “Trixie” operating system series, which is expected in late June or early/mid July 2025.
I don't care that Microsoft is extending Windows 10's support, I'm still moving to Linux
So, here's why I'm still making the jump over to Linux
5 Reasons Xfce Is My Favorite Linux Desktop
Of all the desktop environments and window managers available on Linux
Free and Open Source Software
This is free and open source software
US Independence Day [original]
The message of self-determination is just as applicable in the tech world as it is in the political spheres
How I Use the Linux Terminal Without Destroying My OS
While the Linux terminal is still a part of Linux
I Turned a Mini PC Into a Steam Console With Linux
I like gaming on my Linux PC in my office, but I also like my living room couch
Imagining Krita on a Phone
Over the past couple of weeks, Timothée Giet has been working on a mock-up tablet and phone friendly UX for Krita
openSUSE turned 20
Last week, I was in Nürnberg for the openSUSE conference
today's leftovers
FOSS and more
CNX Software on ESP32, Cortex-M85 and More
some hardware picks
Postgres: pgtt v4.4 Released and Event for Postgres 2025
some psql news
Programming Leftovers
Development related picks
Security Leftovers
Security related picks
Linux Kernel, Microsoft Front Groups, and 'Linux' Foundation
some kernel and org stuff
GNOME: Hubert Figuière, Alley Chaggar, and Richard Littauer
GNOME updates
today's howtos
not so many for now
Liberux NEXX Linux phone with RK3588S and 32GB RAM hits Indiegogo
But the Liberux NEXX is a work-in-progress Linux phone that could be the most powerful to date
Applications: Converseen, Kubernetes, and More
Free software roundup
Videos/Audiocasts/Shows: FLOSS Weekly and More
RHEL clones and more
Libreboot 25.06 Open-Source BIOS/UEFI Firmware Adds More Hardware Support
Leah Rowe announced today a new version of the Libreboot open-source and free BIOS/UEFI firmware alternative, Libreboot 25.06, which adds support for new devices, as well as other improvements.
Android Leftovers
5 Android phones you should buy instead of the Nothing Phone 3
Steam Games and Gaming News
gaming stuff
These 6 features in Kali Linux help me keep my network security in top shape
Kali Linux has earned a solid reputation in cybersecurity circles for good reason
5 More Linux-First Mini PCs for Your Next Open Source Project
Mini PCs are awesome because of their versatility
7 GNOME extensions I could never switch to Windows and live without
GNOME is one of the more popular desktop environments available for Linux distros
Microsoft is Drowning [original]
Let's hope that GNU/Linux will gain a lot at the expense of Windows
GNOME 49 Will Require Deeper systemd Integration
Upcoming GNOME releases will require systemd for key session features
Ubuntu Fixes Desktop File Thumbnails Not Showing
Image, PDF and other supported file thumbnails will once again appear on the (literal) Ubuntu 24.04 LTS desktop
Free and Open Source Software
This is free and open source software
Steam and Linux gaming is safe: Fedora will not drop 32-bit support after all — dev says proposal was 'not some conspiracy to break the gaming use case'
Maintaining 32-bit support will allow Steam to keep functioning on popular Linux distribution
Developing an application with TinySPARQL in 2025
Back a couple of months ago, I was given the opportunity to talk at LAS about search in GNOME
MX Linux MX-23.6 Libretto review - A bundle of awesome
It hasn't been that long since I last reviewed MX Linux
Darktable 5.2 Open-Source RAW Image Editor Released with New Features
Darktable 5.2 has been released today as a new stable update to this powerful, open-source, free, and cross-platform photography workflow application and raw developer software.
8 ways every Linux distro could make things a lot easier for newbies
Although Linux continues to grow, distributions could attract - and retain
Security and Windows TCO
mostly Windows TCO
Programming Leftovers
some coding bits, many python picks
GNU/Linux Leftovers
4 more stories
Open Hardware/Modding: Gaming Mouse, Raspberry Pi, RISC-V, STEMlab TI, and More
some hardware picks
Latest From redhat.com
Some Red Hat articles
today's howtos
mostly from idroot
Games: Proton Experimental, ProtonPlus, Nexus Mods, and More
7 stories from GamingOnLinux
Kernel: Linux and Asterinas in LWN
New articles
GNOME deepens systemd dependencies
Systemd, even then, was listed as a component that is encouraged but not required by GNOME. Wayland—which is soon to be the only supported display system for GNOME—is also named as a recommended (but not required) component.
Today in Techrights
Some of the latest articles