The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SSH security

Discussion in 'Security' started by avara, Jul 5, 2002.

  1. avara

    avara Well-Known Member

    Joined:
    Oct 28, 2001
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    6
    While I updated SSH on all our existing servers quickly after the security hole came out, I just brought online a new server and insatlled CPanel on it. I was just wondering whether this will also require updating, or as it was only set up this week will the installer already have installed the correct secured version?
     
  2. avara

    avara Well-Known Member

    Joined:
    Oct 28, 2001
    Messages:
    90
    Likes Received:
    0
    Trophy Points:
    6
    Anyone?
     
  3. ecoutez

    ecoutez Well-Known Member

    Joined:
    May 23, 2002
    Messages:
    152
    Likes Received:
    0
    Trophy Points:
    0
    New server should be okay

    Server that I built yesterday updated itself to the proper RedHat-patched version of OpenSSH. Login via SSH to check it out yourself. You should be running this version if it has been updated.

    # rpm -q openssh-server
    openssh-server-3.1p1-6

    - Jason
     
  4. moronhead

    moronhead Well-Known Member

    Joined:
    Aug 12, 2001
    Messages:
    706
    Likes Received:
    0
    Trophy Points:
    16
    Does this version have the security hole?

    openssh-server-3.1p1-5
     
  5. Seven77

    Seven77 Active Member

    Joined:
    Nov 7, 2001
    Messages:
    29
    Likes Received:
    0
    Trophy Points:
    1
    Yes, update open-ssh to 3.4

    3.1 has hole which you have to possibility to get root access.

    If you update please read the readme-File 'privsep' If you update without creating a gorup and a user you will shout down ssh and may log you out of admin your server!

    Seven
     
  6. bdraco

    bdraco Guest

    http://rhn.redhat.com/errata/RHSA-2002-127.html

    Here are the proper versions of the patch 3.1. If you have any of these you should be fine. Note: 3.4 has a few problems and a patched 3.1 seems to be a better solution at this time.
     
  7. NetGeek

    NetGeek Well-Known Member

    Joined:
    Mar 4, 2002
    Messages:
    67
    Likes Received:
    0
    Trophy Points:
    6
    So is 3.1.p1-6 okey ?

    and since I am on it, what about bind 9.2.1-0.7x ?


    NG
     
  8. awsol

    awsol cPanel Test Bitch

    Joined:
    Feb 8, 2002
    Messages:
    591
    Likes Received:
    0
    Trophy Points:
    16
    Location:
    Boston MA
    openssh-3.4p1 is out.

    RedHat don't have RPMs yet though.
     
Loading...

Share This Page