Just in case nobody has caught it there is a live ssh exploit which affects anything under openssh 3.7. for convenience some info on what patches: debian: ssh_3.6.1p2-6.0_i386.deb or later or ssh 1:3.4p1-1.1 openbsd: 3.7 or later (openssh-3.7p1.tar.gz) redhat: up2date -u -OR- openssh-3.7p1-1.rpm gentoo: Just go to your net-misc/openssh directory: * cp openssh-3.6.1_p2.ebuild openssh-3.7_p1.ebuild * emerge --update openssh The emerge will fetch the file and complain that there is no digest. * ebuild openssh-3.7_p1.ebuild digest * emerge --update openssh most other distros: 3.7p1 also an easy way to check the version that is running: telnet host 22 :) -Myron -- Attached file included as plaintext by Ecartis -- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE/Z9OpnfM/KCuG6/IRAizIAJ0Y5FvrGDkJ+JQ4l+3YSUkkjJz0UwCfTIhp 194uVW8j51g+wg7s9Zy6OoM= =wlNK -----END PGP SIGNATURE----- ------------------------------------ This is the Juneau-LUG mailing list. To unsubscribe, send an e-mail to juneau-lug-request@xxxxxxxxxxxxx with the word unsubscribe in the subject header.