Security Basics mailing list archives
SSH / Witch options are secure ??
From: <MatzeGuentert () gmx de>
Date: Fri, 15 Aug 2003 18:41:24 +0200
Hello list I have just set up a suse 8.0 isdn router and want to update sshd. Which options do you choose via ./configure to be as secure as possible? Is the default installation secure enough? I have downloaded the newest release 3.6.1p2. I have red that OpenBSD with SSHD 2.9.9 - 3.3 is vulnerable with this options enabled. -- SSH2 support -- Challenge-response authentication enabled (reported by exploit, sort of) -- SKEY and/or BSDAUTH defined at compile time (reported by exploit) I now I am paranoid 8^) but this will be the only reachable service from outside. Any hints on this? Best Regards Matthias Güntert --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- SSH / Witch options are secure ?? MatzeGuentert (Aug 15)
- Re: SSH / Witch options are secure ?? Chris Ess (Aug 16)
- AW: SSH / Witch options are secure ?? MatzeGuentert (Aug 16)
- Re: AW: SSH / Witch options are secure ?? Chris Ess (Aug 18)
- AW: SSH / Witch options are secure ?? MatzeGuentert (Aug 16)
- Re: SSH / Witch options are secure ?? Gabriel Orozco (Aug 16)
- <Possible follow-ups>
- RE: SSH / Witch options are secure ?? Adil Can (Aug 18)
- Re: SSH / Witch options are secure ?? Chris Ess (Aug 16)