Narnio» exploid http://www.narnio.com A day in the life of a software engineer Sat, 04 Feb 2012 18:31:54 +0000 en hourly 1 http://wordpress.org/?v=3.2 Avoid Debian Exploid using SSH http://www.narnio.com/2008/05/22/avoid-debian-exploid-using-ssh/ http://www.narnio.com/2008/05/22/avoid-debian-exploid-using-ssh/#comments Thu, 22 May 2008 08:03:33 +0000 Jongerius http://www.narnio.com/?p=196 Not so long ago news surficed that the SSH protocol used in Debian was a lot less then secure. It appears that you can easily guess the key used for the encryption of all data send between the client and the server.

This would mean anyone could hack your debian server by just listening in to the communication between you and it. This is of course not what you want so here are a few easy steps to upgrade the faulty components.

  1. First you must update the apt by entering apt-get update
  2. After this it’s time to update the SSL libraries by entering apt-get install libssl0.9.8
  3. Know that the encryption is a lot more secure again its time to generate new keys for the server this can be done by executing the following line:
    ssh-keygen -N ” -t dsa -f /etc/ssh/ssh_host_dsa_key
  4. Also update the RSA key by entering:
    ssh-keygen -N ” -t rsa -f /etc/ssh/ssh_host_rsa_key
  5. Last but not least is restarting the SSH service to complete the update, this is done by running:
    /etc/init.d/ssh restart

Please note that after doing this and reconnecting you will most likely get a warning stating the server changed certificates. Which is true as you’ve done just that in the above steps.

Copyright © 2012 Narnio. This Feed is for personal non-commercial use only. If you are not reading this material in your news aggregator, the site you are looking at is guilty of copyright infringement. Please contact legal@jong-soft.com so we can take legal action immediately.]]> http://www.narnio.com/2008/05/22/avoid-debian-exploid-using-ssh/feed/ 0