ssh binary modified
- From: Nick Knight <nick@xxxxxxxxxxxxxxx>
- Date: Fri, 26 Nov 2010 13:55:58 +0000
Hi,
I've just found a problem with ssh on one of my servers, I'm hoping someone
can give me some insight into what's caused the problem.
When I try to use scp or ftp I get the following error:
command-line: line 0: Bad configuration option: PermitLocalCommand
lost connection
I've just noticed my /usr/bin/ssh binary was modified two days ago although
no updates have been run.
I've noticed a strange new file: /etc/ssh/.sshd_auth
This has file permission 755 and contained two entries of my plain text
login:
myuser:clearpassword
myuser:clearpassword
FreeBSD hostname 8.0-RELEASE FreeBSD 8.0-RELEASE #0: Sat Nov 21 15:02:08 UTC
2009 root@xxxxxxxxxxxxxxxxxxxxx:/usr/obj/usr/src/sys/GENERIC amd64
OpenSSH_5.2p1 FreeBSD-20090522, SSH protocols 1.5/2.0, OpenSSL 0x009080bf
MD5 (/usr/bin/ssh) = 39d889822b743a86ab150e12692c85b7
Has anyone seen the file /etc/ssh/.sshd_auth before?
Cheers
--
Regards
Nick Knight
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: ssh binary modified
- From: Bill Moran
- Re: ssh binary modified
- From: Poul-Henning Kamp
- Re: ssh binary modified
- Prev by Date: Re: mbuf security advisory for 7.2-RELEASE?
- Next by Date: Re: ssh binary modified
- Previous by thread: mbuf security advisory for 7.2-RELEASE?
- Next by thread: Re: ssh binary modified
- Index(es):
Relevant Pages
|
