I have a server running Ubuntu 14.04, but I have an issue with PCI requirements. I have installed in my server OpenSSH 6.6p1, then I upgraded it to OpenSSH 7.2p, compiling the code with make and make install directly from repositories from OpenSSH, but it seems something is broken because I continue getting the old version after I check dpkg -l openssh\*
:
ii openssh-client 1:6.6p1-2ubunt amd64 secure shell (SSH) client,
ii openssh-server 1:6.6p1-2ubunt amd64 secure shell (SSH) server,
ii openssh-sftp-serve 1:6.6p1-2ubunt amd64 secure shell (SSH) sftp server
And PCI scanner continues reporting the same issue about that I have to install the latest version of OpenSSH.
This is the CVI Id of the issue: CVE-2016-3115
I needed to install the newest OpenSSH as well but I wanted to install it via a package instead of compiling from source.
sudo apt-add-repository 'deb http://archive.ubuntu.com/ubuntu yakkety main universe multiverse'
sudo apt-get update
sudo apt-get install openssh-server=1:7.3p1-1
It worked for me. (Technically only main and universe were necessary here)
$ ssh -V
OpenSSH_7.3p1 Ubuntu-1, OpenSSL 1.0.2g 1 Mar 2016
Edit (2017-10-04): This answer has been receiving some attention lately and might be out of date now. Remember only main
and universe
were necessary from this, and I specifically wanted to install this as a package instead of compiling from source. Please be careful with typing random commands from the internet, no matter how well-meaning the stranger (in this case me) is!