Slashdot Mirror

← Back to Stories (view on slashdot.org)

OpenSSH Gets Even More Suspicious

Posted by timothy on Saturday June 22, 2002 @06:59AM from the mother-may-i dept.

If you remotely administer any computers, or need to check your email over an untrusted network, odds are you're already familiar with the wonders of OpenSSH. Markus Friedl yesterday posted a release announcement for the newest version, OpenSSH 3.3. Privilege separation in OpenSSH is now enabled by default, another sign of the entire OpenBSD project's appropriate paranoia.

1 of 293 comments (clear)

Min score:

Reason:

Sort:

About time by RTFA+Man · 2002-06-22 07:10 · Score: 0, Redundant

Previously any corruption in the sshd could lead to an immediate remote root compromise if it happened before authentication, and to local root compromise if it happend after authentication. Privilege Separation will make such compromise very difficult if not impossible.