Last active
July 1, 2024 16:52
-
-
Save dzyphr/ca8910a103113ce64d2598d73652958b to your computer and use it in GitHub Desktop.
Updates to patch the recently found exploit in ssh
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| wget https://mirrors.gigenet.com/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz | |
| wget https://mirrors.gigenet.com/pub/OpenBSD/OpenSSH/portable/openssh-9.8p1.tar.gz.asc | |
| wget https://ftp.openbsd.org/pub/OpenBSD/OpenSSH/RELEASE_KEY.asc | |
| gpg --import RELEASE_KEY.asc | |
| VerifyResult=$(gpg --verify openssh-9.8p1.tar.gz.asc) # Run gpg verify, store the output in a variable | |
| VerifyStatus=$? # Get exit status of last command executed (0 means success) | |
| if [ $VerifyStatus -eq 0 ]; then | |
| tar xvf openssh-9.8p1.tar.gz | |
| else # if gpg verify failed (non zero exit status) | |
| echo "Signature Verification Failed" | |
| fi | |
| cd openssh-9.8p1 | |
| ./configure --with-md5-passwords | |
| make | |
| sudo make install | |
| ssh -V |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Note that you may need to configure ssh with specific flags.
You can see all the flags by running
configure -hin theopenssh-9.8p1directory.You can add the flags to the
./configurepart of the script and re-run it or follow the remaining installation manually.