Date: Mon, 29 Jan 2001 10:14:11 -0600 From: Ade Lovett <ade@FreeBSD.org> To: Rasputin <rasputin@FreeBSD-uk.eu.org> Cc: freebsd-security@freebsd.org, imp@village.org Subject: Re: OpenSSH b0rked (was RE: Problems with IPFW patch) Message-ID: <20010129101411.A16899@FreeBSD.org> In-Reply-To: <20010129095752.A37233@dogma.freebsd-uk.eu.org>; from rasputin@FreeBSD-uk.eu.org on Mon, Jan 29, 2001 at 09:57:53AM %2B0000 References: <NDBBJJFIKLHBJCFDIOKGEEKHCAAA.kupek@earthlink.net> <FDEEKLDJMPFBCBKOEEINCEIGCKAA.scott@link-net.com> <20010124230626.A49802@citusc17.usc.edu> <20010125103255.A78404@FreeBSD.org> <200101262153.f0QLrLL40016@earth.backplane.com> <20010129095752.A37233@dogma.freebsd-uk.eu.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Jan 29, 2001 at 09:57:53AM +0000, Rasputin wrote: > In general I'd agree with Matt and aDe, but if a directive > affecting security has changed, I'd say it's better to be notified of it > as soon as possible. > Killing off sshd obviously makes remote admin a real problem, though; > is there another way to guarantee we'd notice ? Well, something in /usr/src/UPDATING might have helped. Believe it or not, I do read it. Nothing there. Update -stable box, run mergemaster, ignore anything to do with ssh_config or sshd_config since ours are fairly heavily different, reboot, no sshd. If it's not going to be backed out (a serious mistake, IMO), then UPDATING needs to be modified at least: 200101xx The 'ConnectionsPerPeriod' directive in /etc/ssh/sshd_config has been deprecated. Please ensure that you either comment out, or preferably remove, this entry BEFORE REBOOTING. /usr/sbin/sshd after this date WILL NOT RUN with this directive in place, which is likely to cause substantial issues for headless machines. There. Another mighty victory for the Confederation. -aDe -- Ade Lovett, Austin, TX. ade@FreeBSD.org FreeBSD: The Power to Serve http://www.FreeBSD.org/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010129101411.A16899>