On 2014-04-08, Robert Arkiletian <robark at gmail.com> wrote: > > if you include libcrypto in the grep then sshd is affected. That's unfortunate. :( Is the bug in libssl, libcrypto, or both? Since sshd is in doubt, I would like to force my users to change their password, which is stored on a central openldap server. What's the canonical CentOS way to do this? I've done some web searches for some answers, but haven't found anything really definitive, just some workarounds and some crude hacks. --keith -- kkeller at wombat.san-francisco.ca.us