OpenSSH J-PAKE Authorization Vulnerability

Vulnerability name: OpenSSH J-PAKE Authorization Vulnerability (CVE-2010-4478)

Vulnerability Description: OpenSSH is implemented by the SSH protocol group and provides encrypted authentication transmission for various services, including remote shell access. OpenSSH 5.6 and earlier versions do not properly validate public parameters in the J-PAKE protocol when the J-PAKE is enabled. Remote attackers can bypass the need to share secret information by sending special values in each round of protocol and successfully obtain authentication.

Solution: uninstall the OpenSSH service and install the latest version of OpenSSH.

Solution steps:

 

1. Check that the OpenSSL version is 0.9.6 or later.

Rpm-Qa | grep OpenSSL

 

2. Check that the zlib version is 1.2.1.2 or later.

Rpm-Qa | grep zlib

 

3. log on to the system as the root user and upload openssh-6.6p1.tar.gz to the/root directory.

CP/mnt/openssh-6.6p1.tar.gz/root

 

4. Back up the original RPM boot script to the current path

CP/etc/init. d/sshd ./

 

5. Stop the SSH service

/Etc/init. d/sshd stop

 

6. Delete the original RPM OpenSSH package

Rpm-e openssh-server openssh-5.3p1 openssh-clients openssh-askpass -- nodeps

 

7. Unzip the source code patch installation package

Tar-zxvf OpenSSH 6.0p1.tar.gz

 

8. Enter the Directory

CD/root/openssh6.0p1

9. Configure yum

Create an ISO Mount directory

Mkdir/localyum

Mount the ISO file to the new directory (if it is a CD: Mount-A/dev/CDROM/localyum

Mount-o loop/mnt/rhel-server-6.5-x86_64-dvd.iso/localyum

Create a repo File

Vim/etc/yum. repo/localyum. Repo

The content is as follows:

[Localyum]

Name = Local

Baseurl = file: // localyum/Server

Enabled = 1

Gpgcheck = 0

10. Install GCC, zlib, OpenSSL, and other required programs

Yum-y install gcc -*

Yum-y install zlib -*

Yum-y install OpenSSL -*

 

11. Configure the specified installation directory without checking the zlib version. (If the zlib version is too low, the source file of OpenSSH cannot be compiled successfully)

./Configure -- prefix =/usr -- sysconfdir =/etc/ssh -- without-zlib-version-Check

 

Make & make install

 

12. Check whether the upgrade is successful.

Ssh-V

 

 

13. Copy the startup script to/etc/init. d /.

CP/root/sshd/etc/init. d/

 

14. enable the Service

/Etc/init. d/sshd start

 

15. Set the sshd service to start upon startup

Chkconfig -- add sshd

Chkconfig sshd ono

 

16. Check whether the port is normal.

Netstat-an | grep: 22

 

17. Modify the SSH configuration file

Vim/etc/ssh/sshd_config modify the configuration file

Sshd configuration file path/etc/ssh/sshd_config

Protocol 2 # used protocol

X11forwarding yes # Allow window graphics Transmission Using SSH encryption Yes allow

IgnoreRhosts yes # completely disable sshd from using the. rhosts file Yes

RhostsAuthentication no # rhosts-based security verification is not set

RhostsRSAAuthentication no # Do not set rhosts-based security authentication using the RSA Algorithm

Hostbasedauthentication no # Authentication Based on the host whitelist is not allowed

Permitemptypasswords no # Do not allow empty passwords

Add comments to the following

# Gssapicleanupcredentials no indicates whether to automatically destroy the user credential cache after the user logs out. The default value is "yes ". For SSH-2 only

# Whether gssapiauthentication allows gssapi-based user authentication. The default value is "no ". For SSH-2 only.

# Usepam = yes use Pam to authenticate No

This article from the "I Am a rookie I take you fly" blog, please be sure to keep this source http://wangluxx.blog.51cto.com/9434132/1559694

OpenSSH J-PAKE Authorization Vulnerability