Mailinglist Archive: opensuse-security (49 mails)

< Previous Next >
Re: [opensuse-security] Security report from rkhunter on default install of openSUSE 10.2
  • From: "Darko Gavrilovic" <d.gavrilovic@xxxxxxxxx>
  • Date: Thu, 28 Dec 2006 12:38:35 -0500
  • Message-id: <38c146350612280938g45c66f3l6e38877228be7440@xxxxxxxxxxxxxx>
I interpreted the OP's question as more of a a question about
rkhunter's usage and the false positives it generates as opposed to
any inherent insecurities in a default SUSE install.



On 12/28/06, Darko Gavrilovic <d.gavrilovic@xxxxxxxxx> wrote:
Yup. As per link.

--------
Configure SSH for SSH2-only Access

Modify the /etc/ssh/sshd_config file to change the PROTOCOL line from:

#PROTOCOL 1,2

to:

PROTOCOL 2

---------

On 12/28/06, Shawn Badger <sbadger@xxxxxxxxxxx> wrote:
> If I remember correctly ssh v1 has several security holes in it and is
> should be disabled by having the following in your /etc/ssh/sshd_config
> file:
> Protocol 2
>
>
> On Thu, 2006-12-28 at 11:08 +0100, Mathias Homann wrote:
> > Am Mittwoch, 27. Dezember 2006 11:51 schrieb Marcus Meissner:
> >
> > > THere is no known security hole in the default install and the SUSE
> > > supplied repositories.
> > >
> > > I cannot speak for other repositories, like packman or guru, but
> > > you would be the first reporter.
> > >
> > > And you should give us *exact* error messages from above if you
> > > want us to help.
> >
> > I don't know about 10.2 (yet; just installing rkhunter on my 10.2),
> > but on my 10.0 rkhunter complains about this:
> >
> > * Application version scan
> > - GnuPG 1.4.2 [ Vulnerable ]
> > - OpenSSL 0.9.7g [ Vulnerable ]
> >
> > * Check: SSH
> > Searching for sshd_config...
> > Found /etc/ssh/sshd_config
> > Checking for allowed root login... Watch out Root login possible.
> > Possible risk!
> > info:
> > Hint: See logfile for more information about this issue
> > Checking for allowed protocols... [ Warning (SSH v1 allowed) ]
> >
> >
> > Now, I'm not overly concerned about the "root allowed" since on my box
> > that is allowed only with ssh key, not with passphrase, AND not from
> > external adresses... but I'm not quite sure about the SSHv1
> > complaint, and the versions...
> >
> >
> > bye,
> > MH
> >
> > --
> > gpg key fingerprint: 5F64 4C92 9B77 DE37 D184 C5F9 B013 44E7 27BD
> > 763C
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
> For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx
>
>


--
"Develop success from failures. Discouragement and failure are two of
the surest stepping stones to success." - Dale Carnegie



--
"Develop success from failures. Discouragement and failure are two of
the surest stepping stones to success." - Dale Carnegie
---------------------------------------------------------------------
To unsubscribe, e-mail: opensuse-security+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse-security+help@xxxxxxxxxxxx

< Previous Next >
Follow Ups