 |
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
|
Home
| Calendar
| Mail Lists
| List Archives
| Desktop SIG
| Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU |
Bill Carlson wrote: | | The "bug" does not appear to affect Redhat supplied OpenSSH, neither S/KEY | not BSD Auth is configured. | | Gordon is correct as far as I can tell, THERE IS NO VUNLERABILITY for | Redhat supplied OpenSSH for this particular issue. There is NO NEED to | upgrade yet. I've heard of at least one possible hole in the 3.3 version | (sorry, lost the link) so don't upgrade blindly. Another reason you might want to wait: I tried installing 3.3 on my home machine. I can now ssh out, but incoming connections all get "Permission denied" after I type the password, and /var/log/messages gets a "Failed password for jc from 64.28.81.46 port 46127 ssh2" type message. This fails the same way for all the outside machines that I have accounts on. So far, I haven't found any clues about how to get it to work again. I hope I don't have to enable telnet and ftp ...
 |
|
| BLU is a member of BostonUserGroups | |
| We also thank MIT for the use of their facilities. | |
