On 5/10/05, jim martin <postfix168@xxxxxxxxx> wrote: > Hi.. We are using openssh-server-3.9p1-7 for our FC3 > box, > > [root@wa ]# rpm -qa | grep openssh-server > openssh-server-3.9p1-7 > > however our auditor want us to upgrade from > Openssh protocol '1' to '2' > > it means I need to upgrade to openssh-server-3.9p2.. > right?? Wrong. The "p" in the version is the patch level. It has nothing to do with the protocol level that is used. There are two current versions of the SSH protocol, SSH1 is the older and more insecure of the two. SSH2 is the newer more secure version, and probably the reason they want you to upgrade. Look in your sshd.conf file and look for a line that might read Protocol 1,2 and change it so that it only reads Protocol 2 That's all they want you to do. This will prevent people from being able to connect using the old protocol. -- David Registered Linux User 383030 (since everyone else was doing it 8-) ----------------------------------------------------------------------- There are only 10 kinds of people in this world, those who understand binary, and those who don't.
