Issue 60 in hntool: sshd_config Protocol 2 still reports HIGH

1 view
Skip to first unread message

hnt...@googlecode.com

unread,
Aug 1, 2010, 9:24:10 PM8/1/10
to hnt...@googlegroups.com
Status: New
Owner: ----
Labels: Type-Defect Priority-Medium

New issue 60 by guillermo.gomez: sshd_config Protocol 2 still reports HIGH
http://code.google.com/p/hntool/issues/detail?id=60

What steps will reproduce the problem?
1. /etc/sshd_config explicit Protocol 2
2. service sshd restart
3. hntool

What is the expected output? What do you see instead?

Expected : [ OK ]
Instead: [ HIGH ]

What version of the product are you using? On what operating system?

hntool 0.1.2
Linux 2.6.33.6-147.fc13.x86_64

Please provide any additional information below.

rpm download from koji (fedora build system)


hnt...@googlecode.com

unread,
Aug 24, 2010, 9:20:43 PM8/24/10
to hnt...@googlegroups.com

Comment #1 on issue 60 by rosset.filipe: sshd_config Protocol 2 still
reports HIGH
http://code.google.com/p/hntool/issues/detail?id=60

I can't confirmed this as a bug. Can you please attach your sshd_config?
(Please remove all sensitive data, of course).

hnt...@googlecode.com

unread,
Aug 24, 2010, 10:10:05 PM8/24/10
to hnt...@googlegroups.com

Comment #2 on issue 60 by guillermo.gomez: sshd_config Protocol 2 still
reports HIGH
http://code.google.com/p/hntool/issues/detail?id=60

SyslogFacility AUTHPRIV
PasswordAuthentication yes
ChallengeResponseAuthentication no
GSSAPIAuthentication yes
GSSAPICleanupCredentials yes
UsePAM yes
AcceptEnv LANG LC_CTYPE LC_NUMERIC LC_TIME LC_COLLATE LC_MONETARY
LC_MESSAGES
AcceptEnv LC_PAPER LC_NAME LC_ADDRESS LC_TELEPHONE LC_MEASUREMENT
AcceptEnv LC_IDENTIFICATION LC_ALL LANGUAGE
AcceptEnv XMODIFIERS
X11Forwarding yes
Subsystem sftp /usr/libexec/openssh/sftp-server

# the rest is just #'lines

hnt...@googlecode.com

unread,
Aug 24, 2010, 10:14:14 PM8/24/10
to hnt...@googlegroups.com

Comment #3 on issue 60 by guillermo.gomez: sshd_config Protocol 2 still
reports HIGH
http://code.google.com/p/hntool/issues/detail?id=60

hmm now appears okeyd with explicit protocol 2, which i missed in the
previous listing, but my environment has changed from the one i used for
the report, now the sympton disapeared (discard)

Checks security problems on sshd config file
SSH is using protocol
v2
[ OK ]


hnt...@googlecode.com

unread,
Aug 24, 2010, 10:28:40 PM8/24/10
to hnt...@googlegroups.com

Comment #4 on issue 60 by linux.rafa: sshd_config Protocol 2 still reports
HIGH
http://code.google.com/p/hntool/issues/detail?id=60

Can we assume the problem was solved?

hnt...@googlecode.com

unread,
Aug 25, 2010, 6:54:11 AM8/25/10
to hnt...@googlegroups.com

Comment #5 on issue 60 by rosset.filipe: sshd_config Protocol 2 still
reports HIGH
http://code.google.com/p/hntool/issues/detail?id=60

"Can we assume the problem was solved?" Yes, please close the ticket.

hnt...@googlecode.com

unread,
Aug 25, 2010, 8:39:16 AM8/25/10
to hnt...@googlegroups.com
Updates:
Status: Fixed

Comment #6 on issue 60 by linux.rafa: sshd_config Protocol 2 still reports
HIGH
http://code.google.com/p/hntool/issues/detail?id=60

Fixed!

Reply all
Reply to author
Forward
0 new messages