Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 42506

Summary: SSH should only listen to protocol version 2
Product: Gentoo Linux Reporter: Florian Effenberger <floeff>
Component: New packagesAssignee: Gentoo Linux bug wranglers <bug-wranglers>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Florian Effenberger 2004-02-22 13:29:05 UTC 
SSH should only listen to protocol version 2. /etc/ssh/sshd_config should read "Protocol 2" (only). Protocol version 1 has security leaks, as far as I know.


Portage 2.0.49-r4 (default-x86-1.4, gcc-3.2.3, glibc-2.3.2-r1, 2.4.25)
=================================================================
System uname: 2.4.25 i586 AMD-K6(tm) 3D processor
ACCEPT_KEYWORDS="x86"
AUTOCLEAN="yes"
CFLAGS="-O3 -mcpu=k6 -march=k6 -funroll-loops -pipe"
CHOST="i586-pc-linux-gnu"
COMPILER="gcc3"
CONFIG_PROTECT="/etc /var/qmail/control /usr/share/config /usr/kde/2/share/config /usr/kde/3/share/config"
CONFIG_PROTECT_MASK="/etc/gconf /etc/env.d"
CXXFLAGS="-O3 -mcpu=k6 -march=k6 -funroll-loops -pipe"
DISTDIR="/usr/portage/distfiles"
FEATURES="sandbox ccache autoaddcvs"
GENTOO_MIRRORS="http://gentoo.seren.com/gentoo ftp://cs.ubishops.ca/pub/gentoo ftp://sunsite.ualberta.ca/pub/unix/Linux/gentoo/ http://adelie.polymtl.ca/"
MAKEOPTS="-j2"
PKGDIR="/usr/portage/packages"
PORTAGE_TMPDIR="/var/tmp"
PORTDIR="/usr/portage"
PORTDIR_OVERLAY=""
SYNC="rsync://rsync.gentoo.org/gentoo-portage"
USE="x86 libg++ nls tcpd python 3dnow aalib acl acpi alsa apm arts avi berkdb bonobo cdr crypt cups curl dga directfb doc dvd dvdr encode esd ethereal fbcon flash foomaticdb gb gd gdbm gif gnome gphoto2 gpm gtk gtk2 gtkhtml imap imlib jack java jpeg kde lcms libwww mad mbox mcal mikmod memlimit mmx motif mozilla mpeg mysql nas ncurses nocd oggvorbis opengl oss pam ppds pdflib perl png qt quicktime readline samba sasl sdl slang slp spell sse ssl svga tcltk tetex tiff truetype usb videos wmf X Xaw3d xface xinerama xosd xml xml2 xmms xv zlib"


Reproducible: Always
Steps to Reproduce:
1.
2.
3.
Comment 1 SpanKY gentoo-dev 2004-02-22 14:31:21 UTC 
this has already been done

*** This bug has been marked as a duplicate of 41215 ***
Comment 2 Florian Effenberger 2004-02-22 14:54:44 UTC 
In which release? I emerged ssh today, and the config file was "wrong"
Comment 3 SpanKY gentoo-dev 2004-02-22 15:24:25 UTC 
openssh-3.7.1_p2-r2

root@vapier 0 ssh # ebuild /usr/portage/net-misc/openssh/openssh-3.7.1_p2-r2.ebuild clean unpack compile install
root@vapier 0 root # cd /var/tmp/portage/openssh-3.7.1_p2-r2/image/etc/ssh/
root@vapier 0 ssh # grep Protocol sshd_config 
Protocol 2
Comment 4 Florian Effenberger 2004-02-22 15:30:45 UTC 
Ah, okay, -r2 is only in ~x86 yet. Thanks!