Mailinglist Archive: opensuse-security (465 mails)

< Previous Next >
Re: [suse-security] SuSE Security Announcement: OpenSSH
  • From: Martin Köhling <mk@xxxxxxxxxxxxxxxxxx>
  • Date: Tue, 4 Dec 2001 12:36:02 +0100 (CET)
  • Message-id: <Pine.LNX.4.33.0112041223460.16104-100000@xxxxxxxxxxxxxxxxxx>
On Mon, 3 Dec 2001, Sebastian Krahmer wrote:

> SuSE Security Announcement
>
> Package: openssh
> Announcement-ID: SuSE-SA:2001:044
> Date: Mon Dec 3 14:01:19 CET 2001
> Affected SuSE versions: 6.4, 7.0, 7.1, 7.2, 7.3
...
> If you are logged on via sshd, then it is adviseable to perform
> the update
> in an atjob to make sure that it can be completed if your secure shell
> daemon gets killed:
>
> rpm -Uhv openssh-*.rpm
> echo "rcsshd restart" | at now

I just noticed that the second line does *not* work with SuSE 7.0 -
the "master" daemon gets killed, but it isn't restarted as long
as there are still child ssh processes running; if you log out
now, you can no longer log into the remote box - until somebody reboots
it or restarts sshd manually!

(The procedure works fine with SuSE 7.2, though - I guess the
start/stop script needs an update; I suspect 6.4 will have the
same problem...)

A simple workaround: type

echo "rcsshd restart" | at now + 2 minutes

and immediatley log out from *all* ssh sessions - after 2 minutes
all should be well again...

Martin


< Previous Next >
References