[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Upcoming OpenSSH vulnerability

To: misc@openbsd.org
Subject: Re: Upcoming OpenSSH vulnerability
From: Rémi Guyomarch <rguyom@pobox.com>
Date: Wed, 26 Jun 2002 05:39:42 +0200
Content-Disposition: inline
References: <20020625090816.B24304@diabolic-cow.chatgris.net> <200206250912.g5P9CRLI028429@cvs.openbsd.org>
User-Agent: Mutt/1.2.5.1i

On Tue, Jun 25, 2002 at 03:12:27AM -0600, Theo de Raadt wrote:
> Maybe yes, maybe no.
> 
> Note I've not answered your question either way.  So what are you going to
> do?  Perhaps follow the instructions I sent?

I did upgrade to 3.3 before sending this question and just to be sure
I firewalled (ie port 22 open only for a restricted set of IPs) most
of the boxes.
However, I asked that question since :
1) PermitRootLogin is on by default on 3.3
2) "root logins are special" :)

Anyway, I perfectly understand why you don't want to answer this type
of questions right now.

-- 
Rémi

References:
- Re: Upcoming OpenSSH vulnerability
  - From: Rémi Guyomarch <rguyom@pobox.com>
- Re: Upcoming OpenSSH vulnerability
  - From: Theo de Raadt <deraadt@cvs.openbsd.org>

Prev by Date: Re: Using blowfish keys with ipsec?
Next by Date: Re: Compile Openssh 2.9
Prev by thread: Re: Upcoming OpenSSH vulnerability
Next by thread: Re: Upcoming OpenSSH vulnerability
Index(es):
- Date
- Thread