How to fix your hackable SSH on Debian and Ubuntu Servers - Matt Gibson



How to fix your hackable SSH on Debian and Ubuntu Servers

If you’re running Debian or Ubuntu, your SSH keys are vulnerable. Follow these steps to regenerate them and secure your box again.

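# update packages first
apt-get update
apt-get upgrade
cd /etc/ssh/
# remove the old host keys
rm ssh_host_dsa_key
rm ssh_host_dsa_key.pub
rm ssh_host_rsa_key
rm ssh_host_rsa_key.pub
# generate new host keys at the same paths; sshd needs them without a passphrase
ssh-keygen -t dsa -f /etc/ssh/ssh_host_dsa_key -N ''
ssh-keygen -t rsa -f /etc/ssh/ssh_host_rsa_key -N ''
# restart sshd so it loads the new keys
/etc/init.d/ssh restart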


One Response to “How to fix your hackable SSH on Debian and Ubuntu Servers”

  1. Christopher DeMarco on May 15th, 2008 at 3:11 pm

    This only fixes connections from this host to others. Inbound connections are still problematic!

    You need to edit your /etc/ssh/sshd_config file, and set these options:

    RSAAuthentication no
    PubkeyAuthentication no

    Then remove the .ssh/authorized_keys and authorized_keys2 files in EVERY USER’s HOME DIRECTORY (cut -d: -f6 < /etc/passwd).

    After that, you can flip those sshd_config options back on.

    NOW you’re safe!
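
The per-user key cleanup mentioned in the comment above, as an added example that is not part of the original post or comment: a shell function that walks the home directories in a passwd file and reports every authorized_keys and authorized_keys2 file with its number of key entries, so each file can be reviewed before it is removed. The function name, the optional root prefix argument and the --scan switch are assumptions made for this example.

```shell
#!/bin/sh
# Added example: inventory of per-user authorized_keys files.
#
# list_authorized_keys PASSWD_FILE [ROOT_PREFIX]
#   PASSWD_FILE  passwd-format file, normally /etc/passwd
#   ROOT_PREFIX  optional prefix put in front of each home directory
#                (assumption: lets you scan a mounted image or a test tree)
# Output: one line per file found: user<TAB>path<TAB>number of key entries

list_authorized_keys() {
    passwd_file=$1
    root=${2:-}
    # Field 1 is the login name, field 6 the home directory.
    # Accounts that share a home directory are reported once.
    cut -d: -f1,6 "$passwd_file" | sort -u -t: -k2,2 |
    while IFS=: read -r user home; do
        [ -n "$home" ] || continue
        for name in authorized_keys authorized_keys2; do
            file="$root$home/.ssh/$name"
            [ -f "$file" ] || continue
            # Count key entries, skipping blank lines and comments.
            # grep exits 1 when the count is 0, hence the "|| true".
            keys=$(grep -cv -e '^[[:space:]]*$' -e '^[[:space:]]*#' "$file" || true)
            printf '%s\t%s\t%s\n' "$user" "$file" "$keys"
        done
    done
}

# Run as "sh script.sh --scan" (as root) to scan the live system.
if [ "${1:-}" = "--scan" ]; then
    list_authorized_keys /etc/passwd
fi
```

Every line of output is a file whose listed keys need to be replaced with freshly generated ones before public-key logins are switched back on.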


