Hi all,
There was a buffer overrun in OpenSSH 3.02p1 (the previously installed
version). I upgraded us to OpenSSH 3.1p1.
I also made a few changes. Login is now performed via PAM. I enhanced the
session public key to 1024 bits. I moved all configuration files to
/etc/ssh, and deleted all old versions (/etc/ssh2 and /usr/local/etc). I
also installed ssh with the suid bit not set.
The sources for the newly compiled SSH are under
/usr/local/src/openssh-3.1p1, and you can find a file called
"compile.sh" that holds the "./config" parameters used (there were quite
a few). Please use it the next time you upgrade ssh, to avoid
reinventing the wheel.
I also deleted the sources for the old version from
/usr/src/openssh-3.02, as those were not the ones used to compile the
old version anyways.
IMPORTANT NOTE - during this process, the host's public key was NOT
changed. You should be able to continue logging in without any warnings
about changed host keys. If that does not happen, someone may be playing
man in the middle on you!
Enjoy,
Shachar