Mailing List Archive

Support open source code!

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [tlug] warning message

On Sun, Mar 10, 2002 at 04:32:41AM +0900, Gavin wrote:
> Guru's,
> I just updates my ssh package via mandrake update, and when the system did a 
> file check I got a message stating, and I quote" md5 checksum for one of your 
> suid files have changed, maybe an intruder modified one of these suid binary 
> in order to put in a back door." 
> 		Check sum changed /usr/bin/ssh
> should I be worried? 
What do you think? 

> if more info is need please let me know.

This is something you can easily check. Every Linux distribution has a security
announcement mailing list and/or web page. Mandrakes is

If you look at this page, you can see something like:

 44ff50aad9a9696ee747d201b9a3bd5f  8.1/RPMS/openssh-3.1p1-1.1mdk.i586.rpm

Where 44ff50aad9a9696ee747d201b9a3bd5f is the md5 checksum. This is what the
md5 checksum *should* be. At this point, check your openssh package you have
installed to make sure the md5 checksum is as it should be. If it isn't...

From the link above:

	Please verify the update prior to upgrading to ensure the integrity 
	of the downloaded package. You can do this with the command:

	rpm --checksig package.rpm

Hope this helps,

Home | Main Index | Thread Index

Home Page Mailing List Linux and Japan TLUG Members Links