Openssh 6.7 P1

admin



Contents

  1. Openssh 6.7p1 Vulnerabilities
  2. Openssh 6.7 P1 Exploit
  3. Openssh 6.7p1 Debian 5+deb8u4 Protocol 2.0
  4. Openssh 6.7 P1102w

Openssh 6.7p1 Vulnerabilities

Openssh 6.7 P1
Installed Programs:scp, sftp, ssh, ssh-add, ssh-agent, ssh-copy-id, ssh-keygen, ssh-keyscan, and sshd
Installed Directories:/etc/ssh, /usr/share/doc/openssh-8.5p1, and /var/lib/sshd

Short Descriptions

6.7

List of packages with same homepage as openssh in all repositories Toggle navigation. 2p1 6 8.2p1 8.2.p1 8.1p1 4 8.1p1 4 8.1pl1 8.0p1 8 7.9p1 6 7.9p1. Debug1: Local version string SSH-2.0-OpenSSH8.3. Poking around, I found this article from Arch Linux forums: SOLVED openssh load pubkey 'mykeyfilepath': invalid format. Apparently OpenSSH-client now requires both the private AND public keys to be available for connecting. Mathematically the public key isn't a factor. S shd in OpenSSH before 7.4 allows remote attackers to cause a denial of service (NULL pointer dereference and daemon crash) via an out-of-sequence NEWKEYS message, as demonstrated by Honggfuzz, related to kex.c and packet.c.

Openssh 6.7 P1 Exploit

scp

is a file copy program that acts like rcp except it uses an encrypted protocol

sftp

is an FTP-like program that works over the SSH1 and SSH2 protocols

ssh

is an rlogin/rsh-like client program except it uses an encrypted protocol

sshd

is a daemon that listens for ssh login requests

ssh-add

is a tool which adds keys to the ssh-agent

ssh-agent

is an authentication agent that can store private keys

ssh-copy-id

is a script that enables logins on remote machines using local keys

ssh-keygen

is a key generation tool

ssh-keyscan

is a utility for gathering public host keys from a number of hosts

Openssh 6.7p1 Debian 5+deb8u4 Protocol 2.0

Summary:
1) Will openssh-6.7 continue to be supported for a long time?
2) Else, what is the recommended alternative to hosts.{allow,deny} and SEC blacklisting?
Verbose:
Another emerge --sync, another problem...! (lol)
It seems as of v6.9, openssh no longer supports tcpwrappers. (Eek!)
As tcpwrappers is the primary guardian for my ssh'ing, this is obviously quite a big problem. (Erk)
As I see it I have two options:
1) Mask >net-misc/openssh-6.9
2) Roll an alternative to tcpwrappers + SEC
1) is an easy default, but I am concerned it will stop being supported in the near future.
2) will, I suspect, require considerably more zots to execute; If this future-proofs it, I don't mind, but I will require suggestions and help.
I currently have some known systems whitelisted with hosts.deny, and am using SEC to scan for sshd breach attempts and add them to hosts.deny.
The setup has been tweaked a lot over time, and works pretty well with some extra rules to defeat sneakiness, which is why I'm reluctant to throw it all away.
What are your thoughts for options and implementation for option 2?

Openssh 6.7 P1102w


Last edited by Cyker on Wed Jul 22, 2015 8:57 pm; edited 1 time in total