[Bio-Linux] URGENT: BIO-LINUX SSHD UPDATES REQUIRED

Dr Dan Swan dswan at ceh.ac.uk
Wed Sep 17 10:00:31 EDT 2003


Dear Systems Administrators,

An exploit (hack) has been released on the internet for OpenSSH which
controls the secure access to Bio-Linux machines.

Due to the way OpenSSH has been configured on Bio-Linux, Red-Carpet
updates do not think there is anything to update.

This is an EXTREMELY serious issue and the following steps should be
taken immediately and the instructions followed TO THE LETTER WITH NO
DEVIATION FROM THE FOLLOWING INSTRUCTIONS.  

This fix applies ONLY to people with Dell PRECISION 650 machines. If you
are running Optiplex GX240 or GX260 machines please contact me
immediately and do NOT use the following fix.

All of the following instructions must be done on the physical console. 
Do NOT log in via ssh and then attempt the following as you will not be
able to complete the instructions.

1) Sit down in front of the Bio-Linux computer
2) Log in as manager
3) Open a terminal
4) Type everything (better still cut and paste) that follows, pressing
enter at the end of each line:

wget http://genomics.nox.ac.uk/~dswan/downloads/ssh_fix.tar.gz
tar -zxvf ssh_fix.tar.gz
sudo rpm -e `rpm -qa | grep ssh`

(THE ABOVE LINE HAS BACKTICKS IN IT NOT SINGLE APOSTROPHES! IT IS THE
KEY ON THE TOP LEFT OF THE KEYBOARD NEXT TO THE DIGIT 1)

cd openssh-3.7p1
sudo make install
sudo mv sshd_init /etc/init.d/sshd
sudo /etc/init.d/sshd restart

When you first attempt to login to the machine remotely you will be
notified that the host file has changed.  If you are on a Linux machine
either delete or edit .ssh/known_hosts to get rid of this problem. 
Users with PuTTY will just be asked if they want to change the host key.

We apologise for this, but it is imperative you do this as soon as
possible or compromise the integrity of your machine and your data.

regards,

Dan
--
Dr Dan Swan - Bio-Linux Developer
EGTDC, CEH, Mansfield Road, Oxford, OX1 3SR
Tel: 01865 281 975 Fax: 01865 281 696
http://envgen.nox.ac.uk/ | dswan at ceh.ac.uk
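
Added example, not part of the original message or of Bio-Linux: because the package updater reports nothing to update, this shell sketch checks the version banner directly and flags anything older than 3.7, the version the fix above installs. The function names and the sample banners are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original message): decide from a version banner
# whether an OpenSSH install is older than 3.7, the version the fix installs.

# Print "major minor [patch]" for banners such as
#   "OpenSSH_3.6.1p2, SSH protocols 1.5/2.0"   (output of: ssh -V 2>&1)
#   "SSH-2.0-OpenSSH_3.7p1"                     (network identification string)
# Prints nothing when the text carries no OpenSSH version.
parse_openssh_version() {
    printf '%s\n' "$1" | sed -n \
      's/.*OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\)\(\.\([0-9][0-9]*\)\)\{0,1\}.*/\1 \2 \4/p'
}

# Return 0 if the banner is older than want_major.want_minor (default 3.7),
# 1 if it is that version or newer, 2 if the banner cannot be parsed.
# Fields are compared as integers, so 10.0 is not mistaken for less than 3.7.
openssh_older_than() {
    banner=$1; want_major=${2:-3}; want_minor=${3:-7}
    set -- $(parse_openssh_version "$banner")
    [ $# -ge 2 ] || return 2
    if [ "$1" -ne "$want_major" ]; then
        [ "$1" -lt "$want_major" ]
        return
    fi
    [ "$2" -lt "$want_minor" ]
}

# Constructed sample banners; on a real host use:
#   openssh_older_than "$(ssh -V 2>&1)"
for b in "OpenSSH_3.6.1p2, SSH protocols 1.5/2.0" \
         "SSH-2.0-OpenSSH_3.7p1" \
         "SSH-2.0-unknown_1.0"; do
    rc=0
    openssh_older_than "$b" || rc=$?
    case $rc in
        0) echo "NEEDS FIX : $b" ;;
        1) echo "ok        : $b" ;;
        *) echo "unparsed  : $b" ;;
    esac
done
```

`ssh -V` reports the client binary found first in PATH; the identification string a server sends on connect shows what the running sshd announces.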




