PCI Compliance - OpenSSH 4.3 is vulnerable Severity: Critical Problem
-
Hi,
I have to run PCI compliance on one of my pfsense routers (1.2.3).
I am getting back a fail:
PCI Compliance - OpenSSH 4.3 is vulnerable Severity: Critical ProblemHow do I disable openssh from remote access or how do I upgrade it?
Thanks
-
Upgrade to a current supported release, 2.0.1.
-
Thank you.
Quick question.
I am currently at a remote location and have access to the box via VPN. Am I able to safely upgrade that way, or does it have to be done locally.
Thanks
-
It depends on the status of the box (full install vs NanoBSD, etc) but in general that works OK. Read the upgrade guide on the wiki. Be sure to check the config as suggested there.
I have done remote upgrades on even NanoBSD installs using console upgrade by URL that went from 1.2.3-RC1 up to 2.0.1-RELEASE without issues.