I love this so much. When I first switched to Linux, being able to just list a bunch of server aliases along with the private key references in my .ssh/config made my life SO much easier then the redundantly maintained and hard to manage putty and winscp configurations in Windows.

Since OpenSSH version 9.0, so like mid '22. So as long as you’re not running something more out of date than that.

Because enshittification…

Let me try to help you in a more psychological way: try focusing on how much more important those issues of privacy, respecting user self determination, etc are than all those little trade offs (which sound to me as much like a cranky resistance to change as anything else). You are going to have to accept changes you don’t like along with changes that you might eventually see as improvements if you give it a chance. But even if not, the enshittification element should outweigh all that.

I gave up Windows for Plasma 4.something, over a decade ago to avoid the enshittification of Windows 10, and even then I felt like it was a user interface improvement and it was painful going back every time I booted my window partition. I can’t even imagine how someone can put up with the shit Windows 11 imposes on you. But, hey everyone weighs things differently.

Personally, when software I paid nothing for, made by volunteers, has a flaw or doesn’t meet my preferences, it pisses me off a whole lot less than when software that I’ve paid for, made by a corporation with more money then God, blue screens or forces something on me that I didn’t ask for.

Do you mean the specific exploit performed by the author has been fixed? Or the general vulnerability that this exploit was intended to demonstrate has been fixed? The article ends with a What’s Next section discussing the difficulty of the latter, saying

we don’t think there’s a silver bullet to address the risks caused by the compromise of such central pieces of infrastructure

and going into detail about the challenges for openSUSE OBS. Are you claiming those challenges have all been solved and exploits like this are no longer possible?

Supply chain attacks have been a trendy topic in the past years.

Has the meaning of ‘trendy’ changed from what I’m used to?

SCP, the protocol, is deprecated. scp, the command, just uses the SFTP protocol these days. I find its syntax convenient.

Dolphin?