This question relates to CVE-2015-8325.
Asked
Active
Viewed 3,993 times
1 Answers
1
UseLogin option is disabled by default in OpenSSH for many years and I don't know about any distribution that would like to use this fail-prone and limited method of authentication, when there are much better implemented in OpenSSH (PAM, ...).
Therefore the resolution in RHEL -- the packages are affected, but not vulnerable with default (and sane) configuraiton.
Jakuje
- 10,363