Akamai cloud computing is aware of the recently reported OpenSSH vulnerability dubbed “regreSSHion”.
We are currently evaluating the vulnerability and its impact to our infrastructure. As part of our early response security procedures, we will patch any affected infrastructure components. These patches will protect the underlying infrastructure that your compute instance resides on, and will not affect your compute instance’s stored data.
As part of Akamai’s shared security model, Akamai is actively verifying and updating all infrastructure systems to ensure our infrastructure is not using affected OpenSSH versions. In addition, we are advising customers to verify and update their compute instances (VMs) and LKE Containers to unaffected OpenSSH versions.
We advise customers with compute instances to perform the following mitigation steps.
Update OpenSSH to the Latest Version on Debian and Ubuntu
Run the following commands to update the OpenSSH version:
sudo apt update
sudo apt install --only-upgrade openssh-server openssh-client
This may ask you how to handle the sshd_config
file if it has been changed from the version supplied in the distribution package. If so, make the selection to keep the old version.
Update OpenSSH to the Latest Version on CentOS
sudo yum update openssh-server
sudo yum update openssh-client
If you are running any other Linux distributions, follow steps outlined in their documentation to update OpenSSH.
Update OpenSSH for LKE Users
You may prepare a patch to your LKE nodes via DaemonSet or follow these steps to recycle your nodes and update the OpenSSH server.
We have updated our supported Linux distribution images with these fixes. Newly created compute instances will already include necessary patches for this vulnerability.
We recommend following optional, additional steps to harden SSH access.
Please open a ticket with our Support team in Cloud Manager if you have any questions about how this might impact you or your services on Akamai cloud computing.
Comments