Vulnerability name: OpenSSH J-PAKE Authorization Vulnerability (CVE-2010-4478)
Vulnerability Description: OpenSSH is implemented by the SSH protocol group and provides encrypted authentication transmission for various services, including remote shell access. OpenSSH 5.6 and earlier versions do not properly validate public parameters in the J-PAKE protocol when the J-PAKE is enabled. Remote attackers can bypass the need to share secret information by sending special values in each round of protocol and successfully obtain authentication.
Solution: uninstall the OpenSSH service and install the latest version of OpenSSH.
Solution steps:
1. Check that the OpenSSL version is 0.9.6 or later.
Rpm-Qa | grep OpenSSL
2. Check that the zlib version is 1.2.1.2 or later.
Rpm-Qa | grep zlib
3. log on to the system as the root user and upload openssh-6.6p1.tar.gz to the/root directory.
CP/mnt/openssh-6.6p1.tar.gz/root
4. Back up the original RPM boot script to the current path
CP/etc/init. d/sshd ./
5. Stop the SSH service
/Etc/init. d/sshd stop
6. Delete the original RPM OpenSSH package
Rpm-e openssh-server openssh-5.3p1 openssh-clients openssh-askpass -- nodeps
7. Unzip the source code patch installation package
Tar-zxvf OpenSSH 6.0p1.tar.gz
8. Enter the Directory
CD/root/openssh6.0p1
9. Configure yum
Create an ISO Mount directory
Mkdir/localyum
Mount the ISO file to the new directory (if it is a CD: Mount-A/dev/CDROM/localyum
Mount-o loop/mnt/rhel-server-6.5-x86_64-dvd.iso/localyum
Create a repo File
Vim/etc/yum. repo/localyum. Repo
The content is as follows:
[Localyum]
Name = Local
Baseurl = file: // localyum/Server
Enabled = 1
Gpgcheck = 0
10. Install GCC, zlib, OpenSSL, and other required programs
Yum-y install gcc -*
Yum-y install zlib -*
Yum-y install OpenSSL -*
11. Configure the specified installation directory without checking the zlib version. (If the zlib version is too low, the source file of OpenSSH cannot be compiled successfully)
./Configure -- prefix =/usr -- sysconfdir =/etc/ssh -- without-zlib-version-Check
Make & make install
12. Check whether the upgrade is successful.
Ssh-V
13. Copy the startup script to/etc/init. d /.
CP/root/sshd/etc/init. d/
14. enable the Service
/Etc/init. d/sshd start
15. Set the sshd service to start upon startup
Chkconfig -- add sshd
Chkconfig sshd ono
16. Check whether the port is normal.
Netstat-an | grep: 22
17. Modify the SSH configuration file
Vim/etc/ssh/sshd_config modify the configuration file
Sshd configuration file path/etc/ssh/sshd_config
Protocol 2 # used protocol
X11forwarding yes # Allow window graphics Transmission Using SSH encryption Yes allow
IgnoreRhosts yes # completely disable sshd from using the. rhosts file Yes
RhostsAuthentication no # rhosts-based security verification is not set
RhostsRSAAuthentication no # Do not set rhosts-based security authentication using the RSA Algorithm
Hostbasedauthentication no # Authentication Based on the host whitelist is not allowed
Permitemptypasswords no # Do not allow empty passwords
Add comments to the following
# Gssapicleanupcredentials no indicates whether to automatically destroy the user credential cache after the user logs out. The default value is "yes ". For SSH-2 only
# Whether gssapiauthentication allows gssapi-based user authentication. The default value is "no ". For SSH-2 only.
# Usepam = yes use Pam to authenticate No
This article from the "I Am a rookie I take you fly" blog, please be sure to keep this source http://wangluxx.blog.51cto.com/9434132/1559694
OpenSSH J-PAKE Authorization Vulnerability