I wrote a small #Ansible playbook to automate updating openssh to the latest available version on multiple hosts (Works on Debian and EL based distributions):
https://gist.github.com/chofstede/c076ededc4fbf0478740473542af98c3
❯ ansible-playbook -i inventory patch_openssh.yml
Just sharing this here, in case, someone might find it helpful. Use at your own risk.
#linux #openssh #cve20246387 #rce #sysadmin #security #vulnerability
Larvitz :fedora: :redhat: /
npub1fj…jaq90
2024-07-01 17:44:41
Author Public Key
npub1fj6u59lnses9xu6xa6ewugrfg2e639lg32r24383525xq3deyuaspjaq90Published at
2024-07-01 17:44:41Event JSON
{
"id": "e75592995de1f25275277077e9ba962a922645ac86070bd52be7ab5a96565c4a",
"pubkey": "4cb5ca17f38660537346eeb2ee206942b3a897e88a86aac4f1a2a86045b9273b",
"created_at": 1719855881,
"kind": 1,
"tags": [
[
"t",
"ansible"
],
[
"t",
"rce"
],
[
"t",
"linux"
],
[
"t",
"cve20246387"
],
[
"t",
"sysadmin"
],
[
"t",
"vulnerability"
],
[
"t",
"openssh"
],
[
"t",
"security"
],
[
"proxy",
"https://burningboard.net/@Larvitz/112712475033933857",
"web"
],
[
"proxy",
"https://burningboard.net/users/Larvitz/statuses/112712475033933857",
"activitypub"
],
[
"L",
"pink.momostr"
],
[
"l",
"pink.momostr.activitypub:https://burningboard.net/users/Larvitz/statuses/112712475033933857",
"pink.momostr"
],
[
"expiration",
"1722447900"
]
],
"content": "I wrote a small #Ansible playbook to automate updating openssh to the latest available version on multiple hosts (Works on Debian and EL based distributions):\n\nhttps://gist.github.com/chofstede/c076ededc4fbf0478740473542af98c3\n\n❯ ansible-playbook -i inventory patch_openssh.yml\n\nJust sharing this here, in case, someone might find it helpful. Use at your own risk.\n\n#linux #openssh #cve20246387 #rce #sysadmin #security #vulnerability",
"sig": "e1f70f722b7d218a83b19730ae9bb1c65935b92c63aa52fdddb8c3dee885fc6db27bb387a69c41e31c75d3b10417ba8c508e4b5db74eb14b88df1bf255198347"
}