ssh binary modified



Hi,

I've just found a problem with ssh on one of my servers, I'm hoping someone
can give me some insight into what's caused the problem.

When I try to use scp or ftp I get the following error:
command-line: line 0: Bad configuration option: PermitLocalCommand
lost connection

I've just noticed my /usr/bin/ssh binary was modified two days ago although
no updates have been run.

I've noticed a strange new file: /etc/ssh/.sshd_auth
This has file permission 755 and contained two entries of my plain text
login:
myuser:clearpassword
myuser:clearpassword

FreeBSD hostname 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC
2009 root@xxxxxxxxxxxxxxxxxxxxx:/usr/obj/usr/src/sys/GENERIC amd64

OpenSSH_5.2p1 FreeBSD-20090522, SSH protocols 1.5/2.0, OpenSSL 0x009080bf

MD5 (/usr/bin/ssh) = 39d889822b743a86ab150e12692c85b7

Has anyone seen the file /etc/ssh/.sshd_auth before?

Cheers

--
Regards
Nick Knight
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"



Relevant Pages

  • Re: Nettle keep connection
    ... socket on various servers, but always says: ... Nettle: SSH connection failed in step 0: Unable to exchange encryption keys ... It is working here on the Iyonix, using a login and password and the dots. ... It seems to be self contained, it is not writing to the known hosts file ...
    (comp.sys.acorn.networking)
  • Re: Security vs. usability (=ssh, firewalls and remote administration)
    ... > We have a multitude of servers geograhically disperse. ... We are unsure whether to ease firewall rules and allow ssh ... You can get them to ssh into a dedicated login box, ...
    (comp.os.linux.security)
  • Re: Security vs. usability (=ssh, firewalls and remote administration)
    ... > We have a multitude of servers geograhically disperse. ... We are unsure whether to ease firewall rules and allow ssh ... You can get them to ssh into a dedicated login box, ...
    (comp.os.linux.security)
  • Re: Limit logging in to certain users
    ... can login to those servers? ... login, not regular users. ... I thought about created a second NIS domain ... I already use SSH, but how does that help me in this situation? ...
    (comp.unix.solaris)
  • Re: ssh binary modified
    ... I've just found a problem with ssh on one of my servers, ... can give me some insight into what's caused the problem. ... This has file permission 755 and contained two entries of my plain text ...
    (FreeBSD-Security)