Re: Upcoming OpenSSH vulnerability

Somewhat off topic (pertaining to Linux with OpenSSH)

It appears that machines running 2.2 Linux kernels do not support the
privilege separation option and can thus not be made 'safe'. I've
patched several Linux boxes to OpenSSH 3.3; all 2.4 machines work, all
2.2 machines don't (immediate disconnect). Setting
"UsePrivilegeSeparation No" in sshd_config lets me log in again.
Unfortunately this defies the entire purpose of upgrading. 

My OpenBSD and NetBSD boxen work splendidly.

Another good reason to:
A) get your Linux vendor to help the OpenSSH developers
B) switch to OpenBSD ;)

Paul 'WEiRD' de Weerd


