| Author |
Message
|
| uditara |
 Posted: Thu Nov 21, 2013 2:21 am Post subject: SSH version in Datapower SOA Appliance XI52 |
 |
|
Apprentice
Joined: 18 Nov 2013
Posts: 36
|
Hi All,
How do I check the SSH version in WebSphere Datapower Appliance XI52? Is there any command to check the SSH version in datapower appliances?
DP Appliance Details :-
WebSphere Datapower XI52
Firmware 5.0.0.6
Thanks,
tara |
|
| Back to top |
|
 |
| TXMQ_Doyle |
| Posted: Wed Dec 04, 2013 8:11 am Post subject: Datapower SSH |
|
|
Novice
Joined: 04 Dec 2013
Posts: 18
|
hello,
Just curious, why exactly do you need the SSH Version?
Doyle
TXMQ Inc. |
|
| Back to top |
|
|
| uditara |
| Posted: Thu Dec 05, 2013 2:42 am Post subject: |
|
|
Apprentice
Joined: 18 Nov 2013
Posts: 36
|
SSH security vulnerabilities found in EAI Datapower SOA Appliances...
Solution to close this security Vulnerabilities gaps - SSH version need to be upgrade < SSH V5.2.
I would like to know the present SSH version available in WebSphere Datapower Appliance....
Thanks,
UdiTara |
|
| Back to top |
|
|
| TXMQ_Doyle |
| Posted: Thu Dec 05, 2013 8:04 am Post subject: SSH |
|
|
Novice
Joined: 04 Dec 2013
Posts: 18
|
|
| Back to top |
|
|
| uditara |
| Posted: Thu Dec 05, 2013 12:57 pm Post subject: |
|
|
Apprentice
Joined: 18 Nov 2013
Posts: 36
|
Two week before....I have shaed same link with our security team....
Our security team want some command line output/artifacts which show present SSH version available in WebSphere Datapower Xi52 appliances like other OS UNIX, Linux command show SSH version output....
As per the link :-
The DataPower SSH server identifies itself with the following string:
SSH-2.0-OpenSSH_3.8.1p1
Changing that string could cause interoperability issues and prevent some clients from being able to connect to the DataPower appliance's SSH server. For maximum interoperability the DataPower firmware uses an old version string even though it has actually been kept up to date with relevant patches for security vulnerabilities that have arisen since the indicated version.
My question :-
As per our security team, what DP command output shows that it has actually been kept up to date with relevant patches for security vulnerabilities.....
Very Simple.....They want some DP command line artifacts to close this points....
Thanks,
UdiTara |
|
| Back to top |
|
|
| TXMQ_Doyle |
| Posted: Thu Dec 05, 2013 1:00 pm Post subject: |
|
|
Novice
Joined: 04 Dec 2013
Posts: 18
|
I understand,
Has the security team ran any scans against the appliance and uncovered any vulnerabilities regarding SSH? I looked for the command you mentioned, but haven't found it. |
|
| Back to top |
|
|
|
|
