Larvitz :fedora: :redhat: on Nostr: There isn't yet a patch for CVE-2024-6387 a.k.a. "regreSSHion" in RHEL9 but Red Hat ...
There isn't yet a patch for CVE-2024-6387 a.k.a. "regreSSHion" in RHEL9 but Red Hat suggests a mitigation by setting LoginGraceTime to 0 in sshd_config (source: https://access.redhat.com/security/cve/cve-2024-6387)
I wrote a small Ansible playbook to do this on multiple systems in an automated way.
If someone has the same task, feel free to draw inspiration from here:
https://gist.github.com/chofstede/67641b45f7b2379bab5832b70c0b8351
It's tested and idempotent (can run multiple times with the same result) but no warranties. Use at your own risk.
#linux #regresshion #cve20246387 #ansible #rhel #redhat #mitigation #sysadmin #openssh #security
I wrote a small Ansible playbook to do this on multiple systems in an automated way.
If someone has the same task, feel free to draw inspiration from here:
https://gist.github.com/chofstede/67641b45f7b2379bab5832b70c0b8351
It's tested and idempotent (can run multiple times with the same result) but no warranties. Use at your own risk.
#linux #regresshion #cve20246387 #ansible #rhel #redhat #mitigation #sysadmin #openssh #security