Checking OpenSSH Version

TLDR - Quick Summary

What: Check OpenSSH version and security patch status

Check Version: ssh -V and dpkg -l | grep openssh-server

Resources: Ubuntu Security Notices and CVE Tracker for patch verification

Overview

To check the version of OpenSSH installed on your system and determine the security patches applied, you can use the following command-line tools:

Step 1: Check OpenSSH Version First, check your current version of OpenSSH by running:

ssh -V

This command will display the version of OpenSSH currently running on your system.

Step 2: Check Installed Package Version

To see the specific package version installed, use:

dpkg -l | grep openssh-server

This will list the OpenSSH server package version installed on your Ubuntu system.

Step 3: Determine Patch Level

To understand the patches applied to your version of OpenSSH, you need to reference the Ubuntu security notices:

1. Visit the Ubuntu Security Notices webpage: Navigate to Ubuntu Security Notices.

2. Search for OpenSSH: Enter "OpenSSH" into the search field to find notices related to OpenSSH packages.

3. Review applicable notices: Identify notices that correspond to your version of OpenSSH and review the patches that have been applied.

Using Ubuntu CVE Tracker

Ubuntu also maintains a CVE Tracker that provides detailed information about the status of CVEs in Ubuntu packages, including whether they are fixed and in which package version.

• Access the CVE Tracker: Go to the Ubuntu CVE Tracker.

• Search for a specific CVE: Enter the CVE number you are concerned about to see its status in Ubuntu.

• Check patch status: The tracker will indicate whether the CVE has been addressed in your version of Ubuntu and if your current package version includes the fix.