Updating OpenSSH for PCI Compliance


New Member

Messages: 1

Hello all,

I am currently running a FreeBSD 12.1 server with OpenSSH ver 7.8. I have attempted to run and succeded in running freebsd-update fetch/install and my OpenSSH refuses to update. My PCI test claims I require at least 8.1, any ideas?


Staff member

Reaction score: 9,085
Messages: 33,642

Your PCI compliancy test is braindead. The version we have in the base receives proper security updates, but the version number will stay the same.

To give you an example of how braindead that test is, on RHEL8 OpenSSH is 8.0. On RHEL7 it is 7.4. So according to your tests those aren't PCI compliant either? I'm quite sure Red Hat has a very different opinion of that.