Tags: 安全, 计算机攻击, 服务器, linux, man-in-the-middle-attack, security, linode, server, ubuntu, | English | Home Page | Category: Computing | 281 Views, 20726 Search Bots | 300 Words

We recently identified an issue with our Ubuntu 17.10 image which resulted in Linodes being created with the same SSH host keys. As a result of this, it is possible that an attacker could launch a man-in-the-middle (MITM) attack on your SSH sessions.

Any Ubuntu 17.10 Linode which was created between January 11 and February 22 is affected (other versions of Ubuntu are not affected). In addition to Linodes that were deployed during this time frame, images and backups that were taken of an affected system would also continue to have this issue present.

We recommend that you regenerate new SSH host keys using the procedure below as soon as possible to avoid the risk of a MITM attack.

How to remediate this issue on existing Linodes:

Please run the following commands as the root user:

rm -f /etc/ssh/ssh_host_*
dpkg-reconfigure openssh-server
systemctl restart ssh

On client systems that you have previously used to SSH to your Linode, you may receive warnings when running ssh after regenerating your keys, because the client's known_hosts file still holds the old host key. To resolve these warnings, run the following command on your client:

ssh-keygen -R servername.example.com
(Change “servername.example.com” to the IP address or hostname of your server.)

How we will prevent this going forward:

New automated validation checks have already been added to our image build process which will help ensure that we do not provide images with pre-generated host keys in the future.

We sincerely apologize for any issues that you've encountered or concern that has been caused as a result of this, and we want you to know that we take this very seriously. The changes to our build process will ensure that this is not repeated in the future. If you have any questions about this notification, please let us know.

Kind Regards,
Tim Kelso
Customer Support Manager

Page Edited: October 30 2020 14:21:09