Re: ssh update or upgrade required? which is it? [now restricting ssh]

2002-06-24 Thread Marc Wilson
On Mon, Jun 24, 2002 at 07:32:45PM -0700, justin cunningham wrote:
> If I wanted to restrict ssh to only listen for my office's ip until it
> gets patched how do I do this?  I tried editing sshd_config and putting
> my office ip as the listenaddress but it didn't work.  What did I do
> incorrectly?

Debian's sshd knows about libwrap, so you can block people out like so:

/etc/hosts.deny:
sshd: ALL

/etc/hosts.allow:
sshd: hosts_that_you_want_to_be_able_to_connect

Now, whether this stops the exploit that Theo's bragging about, who knows?
No one knows the particulars of it yet. :(

It's probably a good idea to always be restricting who can connect to those
you WANT to be connecting, in any case.

You could also do it with ipchains/iptables, and only let the IPs through
that you wanted through.

-- 
Marc Wilson
[EMAIL PROTECTED]


-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED] 
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
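Marc's hosts.allow/hosts.deny pairing relies on libwrap's evaluation order: a connection is granted if it matches a hosts.allow rule, refused if it then matches a hosts.deny rule, and granted otherwise. That is why the `sshd: ALL` line in hosts.deny is what actually does the restricting. The Python model below is an added example for this thread, not code from tcp_wrappers, from Debian's sshd or from any poster; it implements only the pattern forms relevant here (ALL, exact IPv4 addresses, net/mask, trailing-dot prefixes) and uses constructed RFC 5737 documentation addresses (192.0.2.10 and 198.51.100.0/24 standing in for "the office") as the assumed policy.

```python
import ipaddress

# Constructed sample files (documentation addresses, not real ones):
# one office host and one office subnet are let in, everyone else is
# refused, and only for sshd.
OFFICE_HOSTS_ALLOW = "sshd: 192.0.2.10, 198.51.100.0/255.255.255.0\n"
OFFICE_HOSTS_DENY = "sshd: ALL\n"


def _client_matches(pattern, client_ip):
    """Match one hosts_access(5) client pattern against a client IPv4 address.

    Supported in this model: ALL, an exact address, a net/mask pair
    (dotted netmask as documented; CIDR accepted as a convenience of the
    model) and a trailing-dot prefix such as '192.0.2.'. Hostname
    patterns, EXCEPT lists and the optional shell-command field are
    deliberately left out.
    """
    if pattern == "ALL":
        return True
    if pattern.endswith("."):
        return client_ip.startswith(pattern)
    if "/" in pattern:
        network = ipaddress.IPv4Network(pattern, strict=False)
        return ipaddress.IPv4Address(client_ip) in network
    return pattern == client_ip


def _parse(text):
    """Turn file text into (daemon list, client list) pairs.

    Blank lines and lines starting with '#' are ignored, as in the real
    files; lists may be separated by commas or whitespace.
    """
    rules = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 2:
            continue  # malformed line: no client list at all
        daemons = fields[0].replace(",", " ").split()
        clients = fields[1].replace(",", " ").split()
        rules.append((daemons, clients))
    return rules


def _any_rule_matches(rules, daemon, client_ip):
    for daemons, clients in rules:
        if "ALL" in daemons or daemon in daemons:
            if any(_client_matches(c, client_ip) for c in clients):
                return True
    return False


def hosts_access(daemon, client_ip, hosts_allow, hosts_deny):
    """Decide the way libwrap does: allow file first, then deny file, else allow."""
    if _any_rule_matches(_parse(hosts_allow), daemon, client_ip):
        return "allow"
    if _any_rule_matches(_parse(hosts_deny), daemon, client_ip):
        return "deny"
    return "allow"


def office_policy_check():
    """Exercise the constructed policy, including the missing-deny-line mistake."""
    return {
        "office_host": hosts_access("sshd", "192.0.2.10",
                                    OFFICE_HOSTS_ALLOW, OFFICE_HOSTS_DENY),
        "office_subnet": hosts_access("sshd", "198.51.100.77",
                                      OFFICE_HOSTS_ALLOW, OFFICE_HOSTS_DENY),
        "stranger": hosts_access("sshd", "203.0.113.5",
                                 OFFICE_HOSTS_ALLOW, OFFICE_HOSTS_DENY),
        # the deny rule names sshd only, so other wrapped daemons are untouched
        "other_daemon": hosts_access("in.ftpd", "203.0.113.5",
                                     OFFICE_HOSTS_ALLOW, OFFICE_HOSTS_DENY),
        # an allow file alone restricts nothing: with no deny rule the default is allow
        "stranger_no_deny": hosts_access("sshd", "203.0.113.5",
                                         OFFICE_HOSTS_ALLOW, ""),
    }


if __name__ == "__main__":
    for case, verdict in office_policy_check().items():
        print(f"{case:18} {verdict}")
```

Running it prints one verdict per case; `stranger_no_deny` shows the common mistake of writing hosts.allow and leaving hosts.deny empty, which restricts nobody. On a Debian box the tcpd package's `tcpdmatch sshd <address>` gives libwrap's own answer for the real file pair, which is the check to run before relying on this for anything.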



Re: ssh update or upgrade required? which is it? [now restricting ssh]

2002-06-24 Thread Chris Kenrick
On Mon, Jun 24, 2002 at 07:32:45PM -0700, justin cunningham wrote:
> If I wanted to restrict ssh to only listen for my office's ip until it
> gets patched how do I do this?  I tried editing sshd_config and putting
> my office ip as the listenaddress but it didn't work.  What did I do
> incorrectly?
> 
> Thanks, Justin
> 
> ps:  please reply to email address as well as deb list.  

According to the sshd manpage (well, at least here on Redhat), if ssh has been
compiled with LIBWRAP support, then you can use /etc/hosts.allow and
/etc/hosts.deny to achieve what you want.  See man 5 hosts_access.
Someone else might be so kind as to post the exact syntax.


- Chris





RE: ssh update or upgrade required? which is it? [now restricting ssh]

2002-06-24 Thread justin cunningham
If I wanted to restrict ssh to only listen for my office's ip until it
gets patched how do I do this?  I tried editing sshd_config and putting
my office ip as the listenaddress but it didn't work.  What did I do
incorrectly?

Thanks, Justin

ps:  please reply to email address as well as deb list.  

-Original Message-
From: Chris Kenrick [mailto:[EMAIL PROTECTED] 
Sent: Monday, June 24, 2002 6:29 PM
To: justin cunningham
Cc: debian-user@lists.debian.org
Subject: Re: ssh update or upgrade required? which is it?

On Mon, Jun 24, 2002 at 06:14:18PM -0700, justin cunningham wrote:
> Hi list, can you please clarify something for me-- this should be
> pretty straightforward so sorry if the question seems a bit lame.  Can you
> please reply to the email in addition to the list since I'm not
> currently subscribed.
> 
> I read this release http://www.debian.org/security/2002/dsa-134 and it
> says to upgrade to ssh 3.3p1 for woody and that the package for potato
> hasn't yet been compiled.
> 
> On my stable boxes I ran apt-get update and it pulled down some
> patches from security though the only recent post for security updates
> is this one so was my open ssh from the potato branch updated
> proficiently or do I need to install this new version?  If I need to
> install ssh 3.3 and want the rest of my box to stay in stable until
> woody is complete how do I do this?
> 
> Thanks, Justin
> 

According to my traversing through the security updates section via FTP,
the ssh version there for potato i386 is 1.2.3-9.4  So no, you haven't
fixed the vulnerability via any apt-get upgrades ...

You really have two options: download the ssh source and compile it
yourself, or wait until the potato update gets done.  I presume potato
is still being security patched, at least until a bit after Woody is
released.

- Chris


