Néhány fontos infó:
How can users identify exploitation attempts of this vulnerability?
Exploitation attempts for this vulnerability can be identified by seeing many many lines of “Timeout before authentication” in the logs.
Are there any mitigations for this vulnerability?
If sshd can’t be updated or recompiled, set LoginGraceTime to 0 in the config file. This exposes sshd to a denial of service by using up all MaxStartups connections, but it prevents the remote code execution risk.
Gondolom, utóbbi után csak kulccsal lehet belépni.