Control: reassign -1 chkrootkit Control: severity -1 important On Sat, Aug 22, 2015 at 04:37:33PM -0700, Francois Marier wrote: > Sorry for the alarmist bug report. Hopefully this is a false positive and it > can be reassigned to chkrootkit, but just in case... > > The "ssh -G" test [1] for Linux output has changed: > > on wheezy (openssh 6.0), it was: ssh: illegal option -- G > on jessie (openssh 6.7), it was: unknown option -- G > > and now on 6.9, there's nothing except the normal usage info. > > Is this a sign of Linux Ebury? Or (hopefully) a genuine change in the output > which now invalidates this simple rootkit test?
It is a false positive. See: http://www.openssh.com/txt/release-6.8 (Perhaps an unfortunate choice given Ebury, but maybe there's still some way to distinguish the two, since the semantics of the new upstream option are quite different. "ssh -G <hostname>" will print the configuration that will be active when connecting to that host.) -- Colin Watson [cjwat...@debian.org]