[Gllug] [Fwd: SSH Security Advisory: Centos (and other distros)]

Harry Rickards hrickards at l33tmyst.com
Tue Jul 7 18:56:46 UTC 2009


Just wondered if anyone knew whether this affects Debian stable?

-------- Original Message --------
Subject: SSH Security Advisory: Centos (and other distros)
Date: Tue, 7 Jul 2009 14:10:50 -0400
From: FSCK VPS <support at fsckvps.com>
To: Harry Rickards <l33tmyst at gmail.com>

This is a WARNING ONLY. We have no concrete proof, but we suggest that
people follow this as well as changing the default SSH port from 22
to something else.


We have been hearing rumours of a possible SSH security hole that
affects older versions of SSH (including 4.3, which is shipped with
CentOS). As such we are strongly advising all users to upgrade their SSH
version to the latest stable version, whether this be from source or RPM.


You can find (what we consider trusted) RPMs at
http://layer1.rack911.com/openssh/. To find out the version you would
need, please run


cat /etc/redhat-release ; uname -a


You will get output similar to


[root@server bin]# cat /etc/redhat-release
CentOS release 5.3 (Final)


If you see 5.x then you want RHEL5


If you see 4.x then you want RHEL4


[root@server bin]# uname -m


i686


If you see i686 or i386 you want the x86 download


If you see x86_64 you want the x86_64 download


You can download the files via wget and install them via rpm


e.g.


 wget -m -np http://layer1.rack911.com/openssh/rhel5/x86_64


(lots of output)


cd /root/layer1.rack911.com/openssh/rhel5/x86_64
rpm -Uvh *.rpm


Start a new SSH session to the server (so you have two)


then run "/etc/init.d/sshd restart"


Having two means if it goes wrong you can still access it and fix it


Please change these commands as appropriate


If you have any questions please reply to this email and we will help
you out, but please note that we expect we might get a number of replies, so
please do this when it is a quiet time for yourself and your visitors, as it
might take a while for us to get to your ticket


Rgds


Rus Foster




--
Many thanks
Harry Rickards (GPG Key ID:58449F6F)
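The release/architecture selection and install steps from the forwarded advisory, as an added POSIX shell example that is not part of the advisory or the list post. The directory layout openssh/<rhel4|rhel5>/<x86|x86_64> is assumed from the wget line above, and the package signature check before rpm -Uvh is an addition the advisory itself does not mention.

```shell
#!/bin/sh
# Added example, not from the advisory: turn the two commands it asks you to
# run into the directory name under the vendor's openssh/ tree, and refuse to
# guess for any release or architecture the advisory does not cover.
# Assumed layout (from the advisory's wget line): openssh/<rhel4|rhel5>/<x86|x86_64>

# openssh_pkg_dir "<contents of /etc/redhat-release>" "<output of uname -m>"
# Prints e.g. rhel5/x86_64 and returns 0; returns 1 for anything unrecognised.
openssh_pkg_dir() {
    release="$1"
    arch="$2"
    case "$release" in
        *"release 5."*) rel=rhel5 ;;
        *"release 4."*) rel=rhel4 ;;
        *) echo "unsupported release: $release" >&2; return 1 ;;
    esac
    case "$arch" in
        i386|i486|i586|i686) a=x86 ;;
        x86_64) a=x86_64 ;;
        *) echo "unsupported architecture: $arch" >&2; return 1 ;;
    esac
    echo "$rel/$a"
}

# The download-and-install steps from the advisory, with one addition: every
# package must carry a GPG signature that verifies against a key already
# imported into the rpm keyring, otherwise nothing is installed.
# Run from the directory where wget should create layer1.rack911.com/ (the
# advisory runs it from /root).
install_openssh_rpms() {
    dir=$(openssh_pkg_dir "$(cat /etc/redhat-release)" "$(uname -m)") || return 1
    wget -m -np "http://layer1.rack911.com/openssh/$dir" || return 1
    cd "layer1.rack911.com/openssh/$dir" || return 1
    for pkg in ./*.rpm; do
        # "Signature : (none)" in rpm -qpi means the package is unsigned;
        # --checksig alone still reports a digest-only package as OK.
        if rpm -qpi "$pkg" | grep -q '^Signature *: (none)'; then
            echo "$pkg is unsigned; not installing" >&2; return 1
        fi
        rpm --checksig "$pkg" || { echo "$pkg: signature check failed" >&2; return 1; }
    done
    rpm -Uvh ./*.rpm
}
```

Keep the second SSH session open before calling install_openssh_rpms and restarting sshd, exactly as the advisory says.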

-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug