New SSH Exploit Can Affect Mac OS X

CNET staff

According to a post on the Full Disclosure mailing list, a new SSH exploit has been found that can potentially allow someone to remotely access the target computer as root. This security hole affects versions of OpenSSH prior to 3.7 (OS X 10.2.6 includes OpenSSH 3.4). As with previous exploits affecting the open-source code included in OS X, expect Apple to release a Security Update that closes this hole within the next week or so.
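To check whether a machine falls in the affected range stated above, the following added example (not part of the original article) parses an OpenSSH version banner and compares it numerically against 3.7. The function names and the sample banners are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify an OpenSSH version banner against the article's
# threshold ("versions of OpenSSH prior to 3.7"). Function names are hypothetical.

# Extract "major.minor" from a banner such as "OpenSSH_3.4p1, SSH protocols ...".
openssh_version() {
    printf '%s\n' "$1" |
        sed -n 's/.*OpenSSH_\([0-9][0-9]*\.[0-9][0-9]*\).*/\1/p' | head -n 1
}

# Return 0 if the version is prior to 3.7, 1 if it is not, 2 if unparseable.
openssh_prior_to_3_7() {
    ver=$(openssh_version "$1")
    [ -n "$ver" ] || return 2
    major=${ver%%.*}
    minor=${ver#*.}
    # Compare numerically: a plain string compare would rank 3.10 below 3.7.
    if [ "$major" -lt 3 ]; then return 0; fi
    if [ "$major" -eq 3 ] && [ "$minor" -lt 7 ]; then return 0; fi
    return 1
}

# Print a one-line verdict for a banner.
check_banner() {
    rc=0
    openssh_prior_to_3_7 "$1" || rc=$?
    case $rc in
        0) echo "affected: OpenSSH $(openssh_version "$1") is prior to 3.7" ;;
        1) echo "not in the affected range: OpenSSH $(openssh_version "$1")" ;;
        *) echo "unknown: no OpenSSH version found in banner" ;;
    esac
}

# Constructed sample banners; the first uses the OpenSSH 3.4 that the article
# says ships with OS X 10.2.6.
check_banner "OpenSSH_3.4p1, SSH protocols 1.5/2.0, OpenSSL 0x0090609f"
check_banner "OpenSSH_3.7p1"
check_banner "OpenSSH_3.10p1"   # constructed to exercise the numeric compare

# On a live system, ssh -V writes its banner to stderr:
# check_banner "$(ssh -V 2>&1)"
```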

Until Apple issues such an update, you can protect your Mac by making sure that Remote Login is disabled in OS X's Sharing System Preference pane. Note that this will of course prevent all SSH (and SFTP) connections.

If you need to allow SSH-type connections in the meantime, there are a few potential solutions; note that these fixes aren't for the average user:

  • Set up your firewall to only allow SSH connections from specific (known) computers/hosts.
  • Set up a VPN (virtual private network) so that anyone who needs to connect to your computer via SSH must do so through the VPN.
  • Install and switch to an alternative to SSH, such as LSH.

If you have any insight on this issue, please drop us a line at late-breakers@macfixit.com.
