Patch OpenSSH — AND — Disallow insecure connections by removing them from your configuration
17 hours ago
A recent vulnerability in SSH means that many servers allowing users to connect using certain encryption algorithms are vulnerable to attack.
Edit this file:
sudo vi /etc/crypto-policies/back-ends/opensshserver.config
If you want to know how I figured that out, read on.
By the way — there were two vulnerabilities announced in SSH recently. There’s a separate SSH issue I covered in this post which has to do with the keys you use to authenticate to SSH:
I may provide an update for the above later as well.
About the Terrapin Attack
I first read about the Terrapin Attack here:
And see that many people still have not updated their configuration to protect against this attack:
How does it work?
Here’s what happens at a high level. A person wants to connect with SSH so they run a command to connect to the server.
The client machine and the server machine perform what is called a “handshake” to determine which encryption algorithms can be used to encrypt the communications between the two hosts.
#Configuring #SSH #Protect #Terrapin #Attack #AWS #EC2 #Amazon #Linux #Instances #Teri #Radichel #Cloud #Security #Jan