Am Die, 2002-06-25 um 18.10 schrieb Olaf Kirch:
 
> - if you do not need external access to your SSH daemons,
> turn off the SSH service on these machine completely, or block
> external access at the firewall.
>
> - if you do need external access to your SSH daemons,
> make sure you restrict the hosts that it will talk to by setting
> appropriate firewall rules.
>
> If, for some reason, you cannot configure your firewall to
> block external SSH access, you can also restrict access through
> /etc/hosts.allow;

Hmm - I need to administer a remote machine hosted at a server farm.
By no means can I afford to lock myself out of that system by upgrading
ssh, as several people have reported on this list. Nor can I use
host-based access control reasonably, because I login from a large
dialin provider with changing IP address & hostname.

I am very certain I am not alone with this problem.
Do you have any advice how to proceed ?

Being able to install the new version in parallel to the old one and
only disable the old one when the new one proves to work would be a nice
option.

Martin

-- 
To unsubscribe, e-mail: suse-security-unsubscribesuse.com
For additional commands, e-mail: suse-security-helpsuse.com
Security-related bug reports go to securitysuse.de, not here

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]