Naked Security

The libssh “login with no password” bug – what you need to know [VIDEO]

Here's a video that explains the libssh "no password needed" bug - jargon-free and in plain English. Enjoy...

Written by Paul Ducklin

October 18, 2018

Naked Security Authentication Bypass Exploit ibssh SSH

There’s a big brouhaha about a recently discovered SSH bug that could let crooks log into your computer without a password.
SSH is very widely installed, everywhere from the server farm at your cloud provider to the off-the-shelf router you’ve got at home.
We looked at the bug, explained how to gauge your own risk, and advised you what to do about it…
…all in plain English, without the impenetrable jargon that sneaks into so much technology advice.
Enjoy.

(Watch directly on YouTube if the video won’t play here.)

About the Author

Paul Ducklin

Paul Ducklin is a passionate security proselytiser. (That's like an evangelist, but more so!) He lives and breathes computer security, and would be happy for you to do so, too.

Follow him on Twitter: @duckblog

Read Similar Articles

May 24, 2021

2 Comments

Is there a utility to scan our networks with to see if any device or server is vulnerable?

I’d start with nmap, the free tool we mentioned in the video…

The libssh “login with no password” bug – what you need to know [VIDEO]

Paul Ducklin

Read Similar Articles

What to expect when you’ve been hit with Avaddon ransomware

What’s New in Sophos EDR 4.0

Sophos XDR: Driven by data

2 Comments

Darin

Paul Ducklin

Leave a Reply Cancel reply