ALAS-2014-319 --- openssh pam_ssh_agent_authID: oval:org.secpod.oval:def:1601010 | Date: (C)2019-06-06 (M)2021-06-02 |
Class: PATCH | Family: unix |
Due to a problem with the configuration of kernels 3.10.34-37 and 3.10.34-38 and their interaction with the authentication modules stack, the sshd daemon which is part of the openssh package will no longer allow remote logins following a restart of the sshd service.There are two permanant fixes for this issue, and we urge you to apply both. Update to openssh-server-6.2p2-7.40. Update to kernel-3.10.34-39 and reboot your instance.To apply these fixes, run yum update openssh kernel and reboot your instance.The new openssh package includes workarounds for the misconfigured kernels and the new kernel package addresses the miscofiguration issue from earlier builds.If you are unable to log in to your instance due to this issue, you can recover your instances via the RebootInstances API call but the permanent fix will still be needed. Any Amazon Linux AMI on which the running kernel is either 3.10.34-37 or 3.10.34-38 is impacted by this issue.
Platform: |
Amazon Linux AMI |
Product: |
openssh |
pam_ssh_agent_auth |