[CentOS] Is there an openssh security problem?

Wed Jul 8 15:31:29 UTC 2009
Flaherty, Patrick <pflaherty at wsi.com>

> is there a security issue on CentOS 5.3 with openssh 4.3? I 
> ask that cause of
> http://www.h-online.com/security/Rumours-of-critical-vulnerabi
> lity-in-OpenSSH-in-Red-Hat-Enterprise-Linux--/news/113712
> and http://secer.org/hacktools/0day-openssh-remote-exploit.html.
> Should ssh login from internet on CentOS better be disabled?
You should always limit access to sensitive services on a machine.
Remote login should be included in that list. Either limit it by
firewall or in the openssh daemon to certain ips. Even if you can only
limit it to a class c or class a, you've still chopped out a number of
possibly malicious hosts.