[TriLUG] Re: OpenSSH Security Advisory (adv.iss)
Brian Daniels
bitmage at bellsouth.net
Wed Jun 26 14:55:33 EDT 2002
On Wed, Jun 26, 2002 at 12:56:01PM -0400, James Manning wrote:
> 3. Short-Term Solution:
>
> Disable ChallengeResponseAuthentication in sshd_config.
>
Note that the 'short-term solution' is an _easy_ fix. Just edit
sshd_config and restart sshd. Do it now, then watch for your vendor to
issue an update if you're uncomfortable with compiling OpenSSH yourself.
(As an aside, anyone know what's up with Alan Cox suggesting that Theo
might be trojaning OpenSSH? That's a heck of an accusation...)
--Brian
--
Anything you can imagine (and many things you can't),
someone on the net is doing.
Brian Daniels bitmage at bellsouth.net
http://www.eviloverlord.net
More information about the TriLUG
mailing list