sshd & [USN-2459-1] OpenSSL vulnerabilities

Vangelis Katsikaros ibob17 at yahoo.gr
Tue Jan 13 13:30:34 UTC 2015


Hi

 > On 01/13/2015 02:47 PM, Patrick Asselman wrote:
>> On 2015-01-13 13:39, William Scott Lockwood III wrote:
>>
>> Yes, you need to restart. SSHD loads libssl into memory at launch.
>> Patching it doesn't reload the patched version. You are vulnerable
>> until you restart.
>
> According to the openssh documentation, sshd spawns child processes for
> connections, meaning that no connections will be lost when sshd is restarted.

For my sshd configuration it seems it works as you described (the ssh session 
from which I did "service sshd restart" didn't die with the restart).

Thanks all for the info
Vangelis



More information about the ubuntu-users mailing list