SOL1518 - Multiple SSH1 vulnerabilities - CA-2001-35

ID SOL1518
Type f5
Reporter f5
Modified 2010-09-13T00:00:00


CERT Advisory CA-2001-35 revisits several existing exploits for the SSH1 and SSH2 protocols handled by the sshd process. For more information about the vulnerability, refer to the CERT website at the following location:



If you have BIG-IP or 3-DNS 4.5, you can work around these issues by forcing the sshd process to prohibit SSH1 connections to your system. To do so, perform the following procedure:

  1. Log in to the command line.
  2. Using a text editor, edit the /config/ssh/sshd_config file.
  3. Locate the following line:

Protocol 2,1

  1. Change the line to read the following:

Protocol 2

  1. Restart the sshd process by typing the following command:

bigstart restart sshd