OpenSSH 4.3 and PCI Compliance
Posted by skywin, 12-05-2011, 06:45 AM |
Hi, we have done PCI compliance on a cPanel server and it has not completed because OpenSSH 4.3 is considered insecure.
Can someone provide more information about this? We use this version.
# rpm -qa | grep -i ssh
openssh-clients-4.3p2-72.el5_7.5
openssh-4.3p2-72.el5_7.5
openssh-server-4.3p2-72.el5_7.5
Thanks.
Last edited by skywin; 12-05-2011 at 06:49 AM.
|
Posted by Patrick, 12-05-2011, 08:11 AM |
Who is doing the PCI compliance? It's possible they are using a vulnerability scanner and only seeing that you're using OpenSSH 4.3 which had some vulnerabilities and as such are flagging it as a risk... although your specific version of OpenSSH 4.3p2-72 appears to be OK.
You could try upgrading to the latest OpenSSH and see if that helps. Something from the current 5.9 branch. (Just a random guess.)
|
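Patrick's point, that a scanner may flag the 4.3 version string even though the installed package build is fine, can be checked against the package changelog. The script below is an added example, not part of the original thread. It assumes the scanner report lists CVE ids and that the distribution records its fixes in the RPM changelog; the CVE ids and changelog text are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the thread): compare the CVE ids a scanner reports
# against the fixes recorded in a package changelog.
# On a live host the changelog would come from:
#   rpm -q --changelog openssh-server > openssh.changelog

# sample_changelog: CONSTRUCTED changelog text with placeholder CVE ids,
# so the script can be exercised offline.
sample_changelog() {
    cat <<'EOF'
* Mon Jan 01 2001 Example Packager <packager@example.invalid> - 0.0-2.example
- fix for CVE-0000-0002 (constructed entry)
* Mon Jan 01 2001 Example Packager <packager@example.invalid> - 0.0-1.example
- backport upstream fix, resolves CVE-0000-0001 (constructed entry)
EOF
}

# fixed_cves CHANGELOG_FILE
# Prints every distinct CVE id mentioned in the changelog, one per line.
fixed_cves() {
    grep -oiE 'CVE-[0-9]{4}-[0-9]{4,}' "$1" | tr 'a-z' 'A-Z' | sort -u
}

# unresolved_cves CHANGELOG_FILE CVE-ID...
# Prints each reported id that the changelog does NOT mention.
# Returns 0 when every id is covered, 1 when at least one is missing.
unresolved_cves() {
    changelog=$1
    shift
    missing=0
    for cve in "$@"; do
        # -w stops a shorter id from matching as a prefix of a longer one
        if ! grep -qiwF -- "$cve" "$changelog"; then
            printf '%s\n' "$cve"
            missing=1
        fi
    done
    return "$missing"
}
```

Ids printed by `unresolved_cves` are the ones to examine further; ids that appear in the changelog can be cited to the assessor as already patched in the installed build.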
Posted by skywin, 12-05-2011, 08:15 AM |
It is performed by Trustwave. If I change the version of OpenSSH, would there be a compatibility issue with cPanel?
|
Posted by ZenMonk, 12-08-2011, 01:28 AM |
Make sure to update it using yum so that other dependent packages are upgraded as well. The chances of cPanel running into an issue are very low.
|
Posted by Steven, 12-08-2011, 02:43 AM |
If you change, make sure you manually check for updates on a frequent basis, because you won't have the security of just doing a yum upgrade any more.
|