Vulnerability with ssh in OpenSSH in an RHEL installation
There was a security analysis run on one server which has RHEL 5.8 installed and it is showing security vulnerabilities with respect to ssh in OpenSSH with reference no CVE-2007-4752. The vulnerability solution in the security report is showing solution as below:
If you are registered with RH and have yum available & configured for getting updates, then it might be prudent to update all your RPMs to current levels. You would be advised to apply the updates to a test server that is based on production first to see if there are any functional issues with the changes.
It will take a while and will probably need a boot to complete.
Don't do this during on-line services or batch/backup windows.
I had a query that would applying the updates cause any issues with running services, I do not think they should at all interfere with the services.
As a example, say if there is a webpage hosted and httpd daemon is running, now if the httpd package is updated then should there be any issues with the webpage which is hosted and accessed at present.
Hey Folks,
I currently have several RHEL 3 machines. All of them are running OpenSSH_3.6.1p2, SSH protocols 1.5/2.0
I have a vulnerability issue and need to update OpenSSH to the newest version supported by RHEL 3.
The question is:
What would that version would be?
This is... (1 Reply)
Hi ,
Currently the machine is running with Sun_ssh. I would like to move to Open_ssh.
I went through google.
Each link shows different directions/ways to install openssh. I am not sure which one to proceed with .
Installing OpenSSH Packages - SPARC and Intel x86/Solaris 9 and 10
... (0 Replies)
Hi,
I have installed openssh in one of my windows servers following SUA community guidelines. I can successfully install and generate RSA DSA keys. But I cannot SSH to server from my Solaris machine. Below is the output from ssh -v <server>. Also I tried to SSH from the K-shell to localhost... (0 Replies)
Ok, Im trying to get NFS working on my RHEL 5 box, apparently i can use the box as a client, but not as a server. If it helps i cant ssh into the box (server), but as a client ssh works fine. Ive configured
server:
/etc/hosts.allow:
all : all
all :all@all
setup my /etc/exports file... (4 Replies)
I set the RETRIES and DISABLETIME in /etc/default/login on 2 systems:
- 1 Solaris 9 system running Sun SSH
- 1 Solaris 9 system running Openssh 5.2 P1
I expected that after n failed logins, the login process will hang for n seconds.
It does when the attempted login is done at the console... (8 Replies)