Boston Linux & Unix (BLU) Home | Calendar | Mail Lists | List Archives | Desktop SIG | Hardware Hacking SIG
Wiki | Flickr | PicasaWeb | Video | Maps & Directions | Installfests | Keysignings
Linux Cafe | Meeting Notes | Blog | Linux Links | Bling | About BLU

BLU Discuss list archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[REDHAT] Re: OpenSSH bug workaround *NOT NEEDED* (fwd)

Can you send up your sshd_config file as well.


On Thu, 27 Jun 2002, John Chambers wrote:

> Bill Carlson wrote:
> |
> | The "bug" does not appear to affect Redhat supplied OpenSSH, neither S/KEY
> | not BSD Auth is configured.
> |
> | Gordon is correct as far as I can tell, THERE IS NO VUNLERABILITY for
> | Redhat supplied OpenSSH for this particular issue. There is NO NEED to
> | upgrade yet. I've heard of at least one possible hole in the 3.3 version
> | (sorry, lost the link) so don't upgrade blindly.
> Another reason you might want to wait:  I tried installing 3.3 on  my
> home  machine.   I  can now ssh out, but incoming connections all get
> "Permission denied" after I type the password, and  /var/log/messages
> gets a "Failed password for jc from port 46127 ssh2" type
> message.  This fails the same way for all the outside machines that I
> have accounts on.  So far, I haven't found any clues about how to get
> it to work again.  I hope I don't have to enable telnet and ftp ...
> _______________________________________________
> Discuss mailing list
> Discuss at

BLU is a member of BostonUserGroups
BLU is a member of BostonUserGroups
We also thank MIT for the use of their facilities.

Valid HTML 4.01! Valid CSS!

Boston Linux & Unix /