Your IT security depends on a number of things: one of the most crucial factors is ensuring that you’re aware of vulnerabilities before they cause damage. By proactively managing vulnerabilities or impending issues, you stop your business from having to deal with potentially damaging repercussions later on.
SSH is a protocol commonly used by system administrators and developers to remotely access and manage servers from a remote location; it's one of the most commonly used management protocols out there. A dangerous new vulnerability has been discovered that affects OpenSSH clients (PuTTY Windows SSH client is independent of OpenSSH and is not affected by this.)
Exploiting this newly discovered flaw allows the bad guys to set up a malicious SSH server, trick someone into ssh’ing into it, and then steal their private keys. The results could be disastrous, but don’t worry quite yet – there’s a way to avoid all of this.
What Can You Do?
Patches will be forthcoming for some systems, but both Macs and Windows Cygwin installations aren’t likely to see an update anytime soon, so it’s crucial that you manually apply one of the following workarounds on your laptops and workstations:
From a Mac's Terminal app:
sudo sh -c 'echo "UseRoaming no" >> /etc/ssh/ssh_config'
From a Windows Cygwin Terminal:
If you don't have an /etc/ssh_config (this is the default), write out this /etc/ssh_config:
If you do have an /etc/ssh_config, add the following below the existing Host * line:
Using Linux or BSD on a workstation or laptop:
sudo sh -c 'echo -e "Host *nUseRoaming no" >> /etc/ssh/ssh_config'
Don’t leave your workstations susceptible to dangerous hacks that could seriously compromise your livelihood. To learn more about this vulnerability or to speak with a team of IT experts about the most effective ways to stay secure, contact IT Freedom or 512.351.4960.