Wikipedia:Articles for deletion/SSH-MITM


 * The following discussion is an archived debate of the proposed deletion of the article below. Please do not modify it. Subsequent comments should be made on the appropriate discussion page (such as the article's talk page or in a deletion review).  No further edits should be made to this page.

The result was delete. JBW (talk) 23:33, 3 March 2021 (UTC)

SSH-MITM

 * – ( View AfD View log )

Fails WP:GNG. Looks like advertising. Another editor makes a claim of possible COI. The Banner talk 09:41, 11 February 2021 (UTC)

SSH-MITM is an open source project and not a commercial product. Please explain, why you are thinking it is advertising and it is not worth to be mentioned on Wikipedia. It uses the same license (LGPL-3.0) like Python Paramiko, which is the ssh implementtion. So the license can not be the problem.

According to the Github Stars (https://github.com/ssh-mitm/ssh-mitm/stargazers), there are a lot of people already interested in this project and the project has over 4.000 downloads per month on Pypi. I think, this project does not need advertising.

If you have suggestions how to improve the artice according to Wikipedias standards, please explain. — Preceding unsigned comment added by Rudolfstrauss (talk • contribs) 10:05, 11 February 2021 (UTC)
 * Independent (not in any way related to the subject, not the own website), reliable (no social media), prior published sources that discuss the subject in depth. The Banner  talk 10:43, 11 February 2021 (UTC)

Note: This discussion has been included in the list of Software-related deletion discussions. Spiderone (Talk to Spider) 10:53, 11 February 2021 (UTC)

it is not the amount of sources which is important, when there are reliable sources from known twitter uses in this topic or upvoted redit posts. The ssh topic is, even in the security community, very small. so there are not much sources.

the project is young, but in the last weeks, SSH-MITM (in my opinion) becomes important. This tool is new and, compared to other ssh mitm tools, the most advanced.

If people does not discuss about a tool, this does not mean, that the tool is not interesting. This could also mean, that the tool works and there is no need to discuss about the tool.

A quick search with google, about 5 minutes:

Project Website is in the top results (ok this does not count):

https://www.google.com/search?channel=fs&client=ubuntu&q=ssh+mitm

Twitter:


 * https://twitter.com/ReneRobichaud/status/1350179958296113157
 * https://twitter.com/hackers_toolbox?lang=de

Redit has also posts:


 * https://www.reddit.com/r/SecurityBlueTeam/comments/kzvfrq/sshmitm_server_for_security_audits_supporting/
 * https://www.reddit.com/r/cybersecurity/comments/ha4tpj/sshproxyserver_intercepting_mitm_proxy_for_ssh/

Web:

https://securityonline.info/ssh-mitm-intercepting-proxy-server-for-security-audits/ — Preceding unsigned comment added by Rudolfstrauss (talk • contribs) 11:04, 11 February 2021 (UTC)


 * None of those sources even come close to establishing notability. Please read WP:NSOFT. We can't use posts on Reddits nor tweets as an encyclopaedic reference. Please read WP:RS to see the type of sources that we need. Spiderone (Talk to Spider) 11:34, 11 February 2021 (UTC)

Compared to other ssh server articles, SSH-MITM has more information about the project and the article is just a few hours old.

For example WolfSSH is only a list of supported platforms and algorithms and has only 2 sources, which links to the website of wolfssh and the license. (Sorry for bashing on wolfssh)

Writing "Independent (not in any way related to the subject, not the own website), reliable (no social media), prior published sources that discuss the subject in depth." does not help.

Sorry, this is my first article on Wikipedia. :-(

If you have done some research related to ssh-mitm, please add this information to wikipedia. This article should be a community project! Articles about ssh-mitm:


 * https://www.kitploit.com/2021/01/ssh-mitm-ssh-mitm-server-for-security.html
 * https://securityonline.info/ssh-mitm-intercepting-proxy-server-for-security-audits/ — Preceding unsigned comment added by Rudolfstrauss (talk • contribs) 12:27, 11 February 2021 (UTC)
 * Do you mind to use your own signature, instead of hijacking mine? You can sign your edits on talk pages with 4 tiles ( ~ ) and the software will automagically replace this by your user name, time and date of your edit. The Banner  talk 12:39, 11 February 2021 (UTC)


 * Delete. Zero independent, reliable sources. Does not meet WP:GNG or WP:NSOFTWARE. - MrOllie (talk) 13:32, 11 February 2021 (UTC)


 * Keep DELETE Manfred.ruzicka (talk) 20:39, 12 February 2021 (UTC) — Manfred.ruzicka (talk&#32;• contribs) has made few or no other edits outside this topic.

NIST and MITRE added SSH-MITM as a reference for CVE-2020-14145. This is a vulnerability in OpenSSH up to Version 8.4.


 * https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14145
 * https://nvd.nist.gov/vuln/detail/CVE-2020-14145

I think this are reliable sources and due to the fact, that the latest Version of OpenSSH is affected by CVE-2020-14145, it is an important topic.

Added a news article from Linuxnews.de to external links.


 * URL: https://linuxnews.de/2021/02/ssh-mitm-proxy-server-fuer-security-audits-einsetzen/

Manfred.ruzicka (talk) 07:38, 13 February 2021 (UTC)
 * You come with a lot links, but not with reliable sources discussing the program in-depth. It is still an advertisement. Sorry. The Banner  talk 09:33, 13 February 2021 (UTC)

Is a vulnerability, which affects all versions of OpenSSH (even the latest) and information how to mitigate it not a public interest?

SSH-MITM is, according to nist and mitre, the only public tool (and open source), which is able to check, if a ssh client is affected by CVE-2020-14145.

Perhaps the creation of the page was not neccesary, but the intention was to provide more information and not advertisement. Is it better to move the information to OpenSSH or do you want, that this information should be completely deleted?

You are always talking about reliable sources, social media and discussions.

When it comes to vulnerabilities, the most reliable sources are mitre and nist. They are managing information about vulnerabilities and tools to audit them, but they don't discuss them. They only provide information, where you can find more information. Why do you think, that this two organisations are not reliable?

There are links from social media like Twitter and reddit and then you are saying, they are not reliable. A lot of vulnerabilities are only mentioned on twitter and twitter,because the community relies on those tweets or reddit posts.

Please explain, why the mentioned sources like nist and mitre are not reliable, what makes a source reliable.

Manfred.ruzicka (talk) 11:47, 13 February 2021 (UTC)
 * As I said two days ago about what the article needed: Independent (not in any way related to the subject, not the own website), reliable (no social media), prior published sources that discuss the subject in depth. The Banner  talk 12:21, 13 February 2021 (UTC)

You are always writing, that reliable sources are needed, but did not explain, why nist and mitre are not reliable. Please explain,why this both organisation are not reliable sources.

There are other resources referenced on the nist Article. Can we add those as reference? Are this references reliable? They are also describing CVE-2020-14145 and tthe mechanism, which is implemented in SSH-MITM to check against the vulnerability.

For example this report (pdf document): https://www.fzi.de/en/news/news/detail-en/artikel/fsa-2020-2-ausnutzung-eines-informationslecks-fuer-gezielte-mitm-angriffe-auf-ssh-clients/

When this is not a reliable source, what is a reliable source?

Manfred.ruzicka (talk) 19:29, 13 February 2021 (UTC)
 * , CVE reports do not discuss the subject in depth, MrOllie (talk) 19:56, 13 February 2021 (UTC)

One Question to you: Is the content interesting to be merged in another page or do you want, that the content will be removed?

I understand, that you think, SSH-MITM does not need it's own page, and this is ok for me.

If merging is an alternative, in which article, do you recommend?

Please, help to improve the content. You are all writing, that the content has no reliable sources or is not notable for its own page.

You are all experienced wikipedia authors, so help us to learn how to write content. Please do not always say, that what we are doing is wrong without providing alternatives.

A usefull suggestion could be: Perhaps the topic is not notable for its own page, but you can write about this topic on PAGENAME

A bad suggestion is: The content is not notable - delete the content

So please explain, what we can do with the content.

Manfred.ruzicka (talk) 21:10, 13 February 2021 (UTC)
 * First step is always to start looking for sources conform Wikipedia:Reliable Sources. And be strict about that. If you can not find enough sources that comply to Independent (not in any way related to the subject, not the own website), reliable (no social media), prior published sources that discuss the subject in depth., sorry, you can just give up. I have made that mistake too. I wrote a nice article about a folklore institution in Ireland. But when finished, I realized that 90% of the sources were related to the subject and the rest were poor sources (X organising A, X taking part in B etc.). After using some non-priest-approved language I deleted it, accepting that the institution would fail at the first challenge.
 * And I agree, it is extremely difficult to judge sources and information on its value, when you have a close relationship with the subject.
 * To be true, I can give you no hope. The Banner  talk 21:57, 13 February 2021 (UTC)


 * Comment: The signatures here are slightly confusing. ~ Ase1este charge-paritytime 07:50, 19 February 2021 (UTC)
 * I agree - very difficult to follow the discussion. I have boldly opted to reorganise into collapsible sections so that it's easier to differentiate the chat from actual votes. None of the written content has been changed. Bungle (talk • contribs) 11:32, 20 February 2021 (UTC)

 Relisted to generate a more thorough discussion and clearer consensus.

Please add new comments below this notice. Thanks,  Sandstein   10:50, 20 February 2021 (UTC)
 * Note: This discussion has been included in the list of Computing-related deletion discussions.  CAPTAIN RAJU (T) 11:35, 20 February 2021 (UTC)
 * <small class="delsort-notice">Note: This discussion has been included in the list of Software-related deletion discussions.  CAPTAIN RAJU (T) 11:36, 20 February 2021 (UTC)

<div class="xfd_relist" style="border-top: 1px solid #AAA; border-bottom: 1px solid #AAA; padding: 0px 25px;"> Relisted to generate a more thorough discussion and clearer consensus.
 * Keep DELETE because this is the most advanced audit tool for ssh to inspect the traffic. Other tools like https://github.com/jtesta/ssh-mitm can be used, but lacks most features like public key authentication or file manipulation, which are needed for advanced security audits. Jump Hosts like Teleport SSH (https://goteleport.com/teleport/docs/) or StringDM (https://www.strongdm.com/) are not designed for security audits. While they can be used to create audit logs, those logs are for security compliance, which is another use case. They also lacks feature which are useful for advanced penetration tests. Rudolfstrauss (talk) 10:43, 22 February 2021 (UTC) — Rudolfstrauss (talk&#32;• contribs) has made few or no other edits outside this topic.  — Rudolfstrauss (talk • contribs) is a confirmed sock puppet of Manfred.ruzicka (talk • contribs).

Please add new comments below this notice. Thanks, Daniel (talk) 12:05, 1 March 2021 (UTC)


 * Actually, I start to get the felling that more friends/staff are drafted in to work on the article. The Banner  <i style="color:maroon">talk</i> 12:07, 1 March 2021 (UTC)


 * DELETE I'm the author of ssh-mitm. Please verify my signature in my wikipedia profile.


 * It is nice to have a page on wikiepdia and i feel honored, but the "considered for deletion" message is not positive for me, my motivation and my project :-(


 * Side note: this is only a hobby project, because I'm interested in ssh.


 * To "The Banner": perhaps you are right and some colleagues or persons who know me have created the page. Before this discussion ends in a "mud fight", please delete the page


 * Ruzima (talk) 13:36, 1 March 2021 (UTC) — Ruzima (talk • contribs) is a confirmed sock puppet of Manfred.ruzicka (talk • contribs).


 * DELETE Just don't seem to be the reliable sources to demonstrate notability, and there seems to be a fairly obvious COI from two major contributors Dexxtrall (talk) 00:32, 2 March 2021 (UTC)

I think it is time to stop the discussions, because the discussions are going to personal (not only on wikipedia) and are not good for the project. If you want to help, please be fair and do not delete comments on this page. SSH-MITM is an open source project for the community. If you want to help, than contribute to the project and let it earn a wikipedia page, when it is the right time.

Ruzima (talk) 08:13, 2 March 2021 (UTC)

Please be fair, when discussing SSH-MITM. I have also created a statement in my project: https://github.com/ssh-mitm/ssh-mitm/issues/42

Ruzima (talk) 08:59, 2 March 2021 (UTC)

I'm sorry, if someone got upset, but the only reason was to contribute to ssh mitm. I'm not a programmer, so this was one option to help the project.

Note. I'm not connected to the mentioned user in the github issue. I changed my opionion and I also recommends to delete the page.

Manfred.ruzicka (talk) 12:22, 2 March 2021 (UTC)

KEEP because its like dniff sshmitm and its the only tool available. This tool is more than notable! — Preceding unsigned comment added by Rudolfstrauss (talk • contribs) 12:35, 2 March 2021 (UTC) — Rudolfstrauss (talk • contribs) is a confirmed sock puppet of Manfred.ruzicka (talk • contribs).

DELETE Rudolfstrauss made a COI and wrote in the reverted comment (https://en.wikipedia.org/w/index.php?title=Wikipedia:Articles_for_deletion/SSH-MITM&oldid=1009816717), that he was the person who created the redit posts. Rudolfstrauss (Wikipedia) and hugo_leitsnik (Reddit) seems to be the same person.

Rudolfstrauss wrote on reddit, the purpose of this page is not to create a page about ssh-mitm. His intention was to promote himself as a wikipedia contributor.


 * https://www.reddit.com/r/sysadmin/comments/lvv28h/help_to_save_sshmitms_wikipedia_page/
 * https://www.reddit.com/r/sysadmin/comments/lvzmtl/i_made_sshmitm_project_greate_because_i_wrote/

I'm sorry for the author of ssh-mitm :-( — Preceding unsigned comment added by Herozero4 (talk • contribs) 13:31, 2 March 2021 (UTC)

Herozero4 (talk) 12:41, 2 March 2021 (UTC) — Herozero4 (talk • contribs) is a confirmed sock puppet of Manfred.ruzicka (talk • contribs).

Sorry, I had a bad day yesterday. Is it possible to remove my wikipedia account and all contributions? I don't want to see my name in a discussion like this, because I can get problems, when other people reading this. I'm sorry for the problems. The reddit user and all reddit posts are deleted. Rudolfstrauss (talk) 07:23, 3 March 2021 (UTC)


 * Delete + Comment - Oh dear, what a mess this discussion has become. From the start, this article clearly does not meet WP:GNG and WP:NSOFT, seeing that there's no secondary sources to check for me but GitHub (WP:UGC), an offical website for "Paramiko", a link to NIST.gov listing a vulnerability, and then another GitHub linking to the license of the software. Not to mention the conflict-of-interest problem, admitted off-site canvassing on Reddit and GitHub (!!!), and the revealed socking by a CheckUser (+endorsed by Yamla). I've already added Not a ballot notice, and have also tidied this mess up (incl. striking sock votes), while still being readable to another uninvolved user. theinstantmatrix (talk) 17:31, 3 March 2021 (UTC) edited 17:54, 3 March 2021 (UTC)


 * The above discussion is preserved as an archive of the debate. <b style="color:red">Please do not modify it.</b> Subsequent comments should be made on the appropriate discussion page (such as the article's talk page or in a deletion review). No further edits should be made to this page.