Stories by Juha Saarinen

Sysadmin woes multiply

Another week, another security hole discovered, and even more work on top of your normal duties to plug it. Sounds familiar? Maybe it’s just me, but security issues seem to make up a far greater proportion of your average sysadmin’s duties than ever before.
Last week, Secure Shell (ssh), used extensively for remote access, was partly compromised (see Security Focus). It looks like the ssh protocol version 1.x is potentially vulnerable, and should no longer be used, so I disabled it on the servers I administer, allowing only protocol 2. This meant that I had to distribute updated ssh clients to users whose current programs only support protocol version 1.0.