Date: 26-06-02 14:55
We all should by now be aware of the upcoming exploit in OpenSSH. Version 3.3 introduces Private Seperation, which should make the issue non-exploitable. Because of the lack of information regarding FreeBSD and OpenSSH upgrading (no mail from the FreeBSD security officer, nor patches), I wrote a little howto. It worked for me, and reports from others are positive.
I hope it'll contribute to the deployment of OpenSSH 3.3 on FreeBSD. Comments are welcome.