[linux-elitists] SECURITY: Theo says test the new OpenSSH release or else!
Mon Jun 24 16:20:48 PDT 2002
> OpenSSH 3.3p was released a few days ago, with various improvements
> but in particular, it significantly improves the Linux and Solaris
> support for priv sep. However, it is not yet perfect. Compression is
> disabled on some systems, and the many varieties of PAM are causing
> major headaches.
> However, everyone should update to OpenSSH 3.3 immediately, and enable
> priv seperation in their ssh daemons, by setting this in your
> /etc/ssh/sshd_config file:
> UsePrivilegeSeparation yes
> Depending on what your system is, privsep may break some ssh
> functionality. However, with privsep turned on, you are immune from
> at least one remote hole. Understand?
> 3.3 does not contain a fix for this upcoming bug.
I have temporarily shut off ssh access to this server; if you really
need to get in, FedEx me a modem.
http://zgp.org/~dmarti Help spread accurate information
firstname.lastname@example.org about Xenu and the Church of Scientology.
KG6INA <a href="http://xenu.net/">Scientology</a> on your web site.
More information about the linux-elitists