Date:      Thu, 27 Jun 2002 22:14:40 +0100
From:      Matthew Seaman <m.seaman@infracaninophile.co.uk>
To:        Steven Lake <raiden@shell.core.com>
Cc:        freebsd-questions@FreeBSD.ORG
Subject:   Re: sshd_config question
Message-ID:  <20020627211440.GB5504@happy-idiot-talk.infracaninophi>
In-Reply-To: <Pine.GSO.4.44L0.0206271550130.26498-100000@shell.core.com>
References:  <Pine.GSO.4.44L0.0206271550130.26498-100000@shell.core.com>

On Thu, Jun 27, 2002 at 03:53:38PM -0500, Steven Lake wrote:

> 	Hi all.  Quick question.  After doing some reading I noticed
> something about the openssh vulnerability and I had a question.  Here's my
> sshd_config file, does it have everything set correctly to be clear of the
> vulnerability?  Just curious.  Thanks.

Looks like you're using OpenSSH-2.9 as supplied with 4-STABLE.
According to CERT (http://www.cert.org/advisories/CA-2002-18.html),
all that is necessary for that version is:

   ChallengeResponseAuthentication no

You're fine.

Later versions (2.9.9 - 3.4p1) should also have:

   PAMAuthenticationViaKbdInt no
   UsePrivilegeSeparation yes

	Matthew

-- 
Dr Matthew J Seaman MA, D.Phil.                       26 The Paddocks
                                                      Savill Way
Tel: +44 1628 476614                                  Marlow
Fax: +44 0870 0522645                                 Bucks., SL7 1TH UK
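
A way to check a config file against the settings listed in the reply above, as an added example that is not part of the original message. The function names and the sample file are constructed for illustration; the parser assumes the first value found for a keyword is the one sshd uses and that keywords are case-insensitive.

```python
# Added example: audit an sshd_config for the directives named in the reply.
REQUIRED_2_9 = {"ChallengeResponseAuthentication": "no"}
REQUIRED_LATER = dict(REQUIRED_2_9,
                      PAMAuthenticationViaKbdInt="no",
                      UsePrivilegeSeparation="yes")


def effective_settings(config_text):
    """Return {lowercased keyword: value}, keeping the first occurrence of each."""
    settings = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank line, or a commented-out directive that sshd ignores
        parts = line.replace("=", " ", 1).split()
        if len(parts) < 2:
            continue
        # Keywords are case-insensitive; the first value read is the one kept.
        settings.setdefault(parts[0].lower(), parts[1])
    return settings


def audit(config_text, required):
    """Map each required directive to 'ok', 'unset' or 'wrong (<value>)'."""
    seen = effective_settings(config_text)
    report = {}
    for keyword, wanted in required.items():
        value = seen.get(keyword.lower())
        if value is None:
            report[keyword] = "unset"  # sshd falls back to its built-in default
        elif value == wanted:
            report[keyword] = "ok"
        else:
            report[keyword] = f"wrong ({value})"
    return report


# Constructed sample, not the poster's file.
SAMPLE = """\
Port 22
#ChallengeResponseAuthentication no
challengeresponseauthentication no
UsePrivilegeSeparation no
UsePrivilegeSeparation yes
"""

if __name__ == "__main__":
    for name, status in audit(SAMPLE, REQUIRED_LATER).items():
        print(f"{name:35} {status}")
```

An "unset" result means the directive is only present as a comment or not at all, so the running value depends on the default compiled into that sshd version and should be confirmed separately.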
