Important: Action Required to Fix SSH Misconfiguration
Posted
6 months ago
by Jake Yip
J
Jake YipAdmin
Dear User,
We are writing to inform you of a potential SSH misconfiguration in specific older Nectar images. These images were replaced to prevent further issues as soon as we were aware of this misconfiguration. However, you will need to fix any virtual machines that have been created using these images.
How it impacts you
This misconfiguration in Nectar images by itself does not cause a security vulnerability. The affected Nectar images still include security measures that protect your instances. These include:
no default passwords, and
the use of fail2ban to limit brute force attempts.
However, you may be vulnerable if you have done one or more of the following:
set a password for default users,
created new users with passwords, or
disabled fail2ban.
To check if your virtual machine is affected, please check if it is using one of the following images:
NeCTAR Microsoft Windows Server 2022 Datacenter x86_64 [v10]
If you are affected, please either:
Recreate the virtual machine (preferred solution), or
Edit the SSH configuration (as a workaround).
A. Recreate the virtual machine
Build a new virtual machine using one of the newer official Nectar images containing the fix. The listed Nectar images with an SSH misconfiguration have been replaced to prevent future issues, so any new instances will not be affected. Recreating your virtual machine is the best way to resolve this issue, as it ensures you are starting off with a clean image.
B. Edit the SSH configuration
This will fix the vulnerability; however, you must remember to reapply this fix every time you rebuild your virtual machine.
1. Run the following command in a terminal:
sudo sshd -T | grep passwordauthentication
The output should be `passwordauthentication no`. If it says `passwordauthentication yes`, your virtual machine is affected.
2. Fix the offending file:
sudo sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config.d/50-cloud-init.conf
3. Restart the SSH service:
sudo systemctl restart ssh
4. Check if this fixes the ssh issue:
sudo sshd -T | grep passwordauthentication
The output should be passwordauthentication no.
If you have any questions or need further assistance, please do not hesitate to contact our support team by replying to support email you were sent.
We apologise for any inconvenience, and appreciate your understanding and cooperation.
Dear User,
We are writing to inform you of a potential SSH misconfiguration in specific older Nectar images. These images were replaced to prevent further issues as soon as we were aware of this misconfiguration. However, you will need to fix any virtual machines that have been created using these images.
How it impacts you
This misconfiguration in Nectar images by itself does not cause a security vulnerability. The affected Nectar images still include security measures that protect your instances. These include:
no default passwords, and
the use of fail2ban to limit brute force attempts.
However, you may be vulnerable if you have done one or more of the following:
set a password for default users,
created new users with passwords, or
disabled fail2ban.
To check if your virtual machine is affected, please check if it is using one of the following images:
If you are affected, please either:
Recreate the virtual machine (preferred solution), or
Edit the SSH configuration (as a workaround).
A. Recreate the virtual machine
Build a new virtual machine using one of the newer official Nectar images containing the fix. The listed Nectar images with an SSH misconfiguration have been replaced to prevent future issues, so any new instances will not be affected. Recreating your virtual machine is the best way to resolve this issue, as it ensures you are starting off with a clean image.
B. Edit the SSH configuration
This will fix the vulnerability; however, you must remember to reapply this fix every time you rebuild your virtual machine.
1. Run the following command in a terminal:
sudo sshd -T | grep passwordauthentication
The output should be `passwordauthentication no`. If it says `passwordauthentication yes`, your virtual machine is affected.
2. Fix the offending file:
sudo sed -i 's/PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config.d/50-cloud-init.conf
3. Restart the SSH service:
sudo systemctl restart ssh
4. Check if this fixes the ssh issue:
sudo sshd -T | grep passwordauthentication
The output should be passwordauthentication no.
If you have any questions or need further assistance, please do not hesitate to contact our support team by replying to support email you were sent.
We apologise for any inconvenience, and appreciate your understanding and cooperation.
0 Votes
0 Comments
Login or Sign up to post a comment