Hi Andy,
Thank you very much for the heads-up!
Regards,
Jan Henkins
On 1 July 2024 16:24:36 BST, Andy Smith via BitFolk Users
<users(a)mailman.bitfolk.com> wrote:
Hi,
An unauthenticated remote root exploit has been discovered in SSH,
including in versions shipped by Debian stable and newer, and most
other up-to-date Linux distributions.
https://security-tracker.debian.org/tracker/CVE-2024-6387
Please make sure you have applied the necessary upgrades.
If for some reason you are unable to apply an upgrade, the issue can
be mitigated by setting LoginGraceTime to 0 in /etc/ssh/sshd_config.
This will make it easier for people to tie up all connection slots,
denying access to legitimate connections, but does avoid the remote
root exploit.
Thanks,
Andy
--
https://bitfolk.com/ -- No-nonsense VPS hosting
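
One way to confirm whether the LoginGraceTime mitigation described in the message above is actually in effect, as an added example that is not part of the original thread. It relies on sshd using the first value it obtains for a keyword and on the default of 120 seconds when the keyword is unset; the function names and the sample configurations are constructed for illustration.

```shell
#!/bin/sh
# Added example: check for the LoginGraceTime 0 mitigation.
# Input is sshd_config-style text or `sshd -T` output on stdin.

# Print the first global LoginGraceTime value, or nothing if it is unset.
login_grace_time() {
    awk '
        { sub(/#.*/, "") }                       # strip comments
        tolower($1) == "match" { exit }          # global section ends here
        {
            line = $0
            sub(/[ \t]*=[ \t]*/, " ", line)      # accept the Key=Value form
            n = split(line, f, " ")
            if (n >= 2 && tolower(f[1]) == "logingracetime") {
                gsub(/"/, "", f[2])              # arguments may be quoted
                print f[2]
                exit                             # first value wins
            }
        }'
}

# Exit 0 if the grace time is zero (mitigated), 1 otherwise.
# An unset keyword means the 120 second default applies: not mitigated.
grace_time_mitigated() {
    value=$(login_grace_time)
    case "$value" in
        0|0[sSmMhHdDwW]) return 0 ;;
        *) return 1 ;;
    esac
}

# Constructed sample: the later "0" is ignored because "2m" comes first.
SAMPLE_UNMITIGATED='Port 22
#LoginGraceTime 0
LoginGraceTime 2m
LoginGraceTime 0'

# Constructed sample: lower-case keyword with "=" before a Match block.
SAMPLE_MITIGATED='Port 22
logingracetime=0
Match User backup
    X11Forwarding no'

printf '%s\n' "$SAMPLE_MITIGATED" | grace_time_mitigated && echo "sample: mitigated"
```

On a real host, pipe `sshd -T` (run as root) into `grace_time_mitigated` rather than reading /etc/ssh/sshd_config directly, since the parser above does not follow Include directives and `sshd -T` prints the configuration the daemon will actually use.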