Critical OpenSSH Vulnerability (CVE-2024-6387): Please Update Your Linux



A critical security flaw (CVE-2024-6387) has been identified in OpenSSH, a program widely used for secure remote connections. This vulnerability could allow attackers to completely compromise affected systems (remote code execution).

Who is Affected?

Only specific versions of OpenSSH (8.5p1 to 9.7p1) running on glibc-based Linux systems are vulnerable. Newer versions are not affected.

What to Do?

  1. Update OpenSSH: Check your version by running ssh -V in your terminal. If you're using a vulnerable version (8.5p1 to 9.7p1), update immediately.

  2. Temporary Workaround (Use with Caution): Disabling the login grace timeout (setting LoginGraceTime=0 in sshd_config) can mitigate the risk, but be aware it increases susceptibility to denial-of-service attacks.

  3. Recommended Security Enhancement: Install fail2ban to prevent brute-force attacks. This tool automatically bans IPs with too many failed login attempts.
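
The check-and-mitigate steps above, scripted as an added example (not part of the original post): it classifies an OpenSSH version banner against the 8.5p1 to 9.7p1 range and reads the effective LoginGraceTime from sshd -T output. The function names and the sample inputs are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post): triage a host for CVE-2024-6387
# using the version range and the LoginGraceTime workaround described above.

# Constructed sample inputs. On a real host use:
#   assess "$(ssh -V 2>&1)" "$(sudo sshd -T 2>/dev/null)"
SAMPLE_BANNER='OpenSSH_9.6p1, OpenSSL 3.0.13 30 Jan 2024'
SAMPLE_SSHD_T='port 22
logingracetime 0
maxstartups 10:30:100'

# Prints in-range, out-of-range or unknown for the range 8.5p1 to 9.7p1.
version_status() {
    ver=$(printf '%s\n' "$1" |
        sed -n 's/.*OpenSSH_\([0-9][0-9]*\)\.\([0-9][0-9]*\).*/\1 \2/p' | head -n 1)
    [ -n "$ver" ] || { echo unknown; return 0; }
    set -- $ver                       # $1 = major, $2 = minor
    n=$(( $1 * 100 + $2 ))
    if [ "$n" -ge 805 ] && [ "$n" -le 907 ]; then echo in-range; else echo out-of-range; fi
}

# Prints the effective LoginGraceTime (seconds) from "sshd -T" output, or unknown.
login_grace_time() {
    v=$(printf '%s\n' "$1" | awk 'tolower($1) == "logingracetime" { print $2; exit }')
    echo "${v:-unknown}"
}

# assess "<version banner>" "<sshd -T output>" prints a one-line verdict.
assess() {
    case "$(version_status "$1"):$(login_grace_time "$2")" in
        in-range:0)     echo "WORKAROUND: in range, LoginGraceTime=0 set; still update (DoS exposure)" ;;
        in-range:*)     echo "ACTION: in range; update, or confirm the distro package has the fix" ;;
        out-of-range:*) echo "OK: version outside the affected range" ;;
        *)              echo "UNKNOWN: no OpenSSH version found in banner" ;;
    esac
}

assess "$SAMPLE_BANNER" "$SAMPLE_SSHD_T"
```

Distribution packages often carry a backported fix without changing the upstream version string, so treat an in-range result as a prompt to check your distribution's advisory for the installed package.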

Optional: IP Whitelisting for Increased Security

Once you have fail2ban installed, consider allowing only specific IP addresses to access your server via SSH. This can be achieved using:

  • ufw for Ubuntu

  • firewalld for AlmaLinux or Rocky Linux

Additional Resources

About Fail2ban

Fail2ban monitors log files like /var/log/auth.log and bans IPs with excessive failed login attempts. It updates firewall rules to block connections from these IPs for a set duration. Fail2ban is pre-configured to work with common log files and can be easily customized for other logs and errors.

Installation Instructions:

  • Ubuntu: sudo apt install fail2ban

  • AlmaLinux/Rocky Linux: sudo dnf install fail2ban
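
A simplified illustration of the ban decision described above, added here and not taken from fail2ban itself: it counts failed SSH logins per source IP in constructed auth.log lines and reports the addresses that reach an assumed threshold (MAXRETRY failures within FINDTIME seconds). It assumes all lines fall on the same day.

```sh
#!/bin/sh
# Added illustration, not fail2ban code: flag source IPs with MAXRETRY failed
# SSH logins inside a sliding window of FINDTIME seconds (assumed thresholds).
MAXRETRY=3
FINDTIME=600

# Constructed sample of /var/log/auth.log lines (documentation IP ranges).
SAMPLE_AUTH_LOG='Jul  5 10:00:01 srv sshd[1201]: Failed password for root from 203.0.113.7 port 40022 ssh2
Jul  5 10:00:09 srv sshd[1203]: Failed password for invalid user admin from 203.0.113.7 port 40030 ssh2
Jul  5 10:00:30 srv sshd[1207]: Failed password for root from 198.51.100.23 port 51200 ssh2
Jul  5 10:00:41 srv sshd[1209]: Failed password for root from 203.0.113.7 port 40041 ssh2
Jul  5 10:02:10 srv sshd[1215]: Failed password for alice from 192.0.2.50 port 60111 ssh2
Jul  5 10:02:25 srv sshd[1215]: Accepted password for alice from 192.0.2.50 port 60111 ssh2
Jul  5 10:08:00 srv sshd[1302]: Failed password for root from 198.51.100.23 port 51311 ssh2
Jul  5 10:15:00 srv sshd[1377]: Failed password for root from 198.51.100.23 port 51402 ssh2'

# ips_to_ban "<log text>" prints each offending IP once, in order of detection.
ips_to_ban() {
    printf '%s\n' "$1" | awk -v max="$MAXRETRY" -v win="$FINDTIME" '
    /sshd\[[0-9]+\]: Failed password for / && $(NF-4) == "from" {
        # Take the address by position from the end of the line, so text
        # inside the user name cannot be mistaken for it.
        ip = $(NF-3)
        split($3, t, ":"); now = t[1] * 3600 + t[2] * 60 + t[3]
        ts[ip, ++hi[ip]] = now
        # Drop failures that have aged out of the window.
        while (now - ts[ip, lo[ip] + 1] > win) lo[ip]++
        if (hi[ip] - lo[ip] >= max && !(ip in banned)) { banned[ip] = 1; print ip }
    }'
}

ips_to_ban "$SAMPLE_AUTH_LOG"
```

Only 203.0.113.7 is reported: 198.51.100.23 also fails three times, but its first failure has aged out of the window by the third.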

About DevSec Hardening Framework

The DevSec Hardening Framework is a set of tools and resources that helps automate the process of securing your server infrastructure. It addresses the challenges of manually hardening servers, which can be complex, error-prone, and time-consuming, especially when managing a large number of servers. The framework integrates with popular infrastructure automation tools like Ansible, Chef, and Puppet. It provides pre-configured modules that automatically apply secure settings to your operating systems and services such as OpenSSH, Apache and MySQL. This eliminates the need for manual configuration and reduces the risk of errors.

Prepared by LinuxMalaysia with the help of Google Gemini

5 July 2024



Download Latest version Of Nginx Stable For Latest Security Patch


Download And Use latest Version Of Nginx Stable

To ensure you receive the latest security updates and bug fixes for Nginx, configure your system's repository specifically for it. Detailed instructions on how to achieve this can be found on the Nginx website. Setting up the repository allows your system to automatically download and install future Nginx updates, keeping your web server running optimally and securely.

Visit this website for information on how to configure your repository for Nginx.

Installing Nginx on different Linux distributions

Example from 


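# Install prerequisites, import the nginx signing key, then add the stable repository.
# Repository path shown is for Debian; on Ubuntu use http://nginx.org/packages/ubuntu
sudo apt install -y curl gnupg2 ca-certificates lsb-release debian-archive-keyring && \
curl https://nginx.org/keys/nginx_signing.key | gpg --dearmor \
| sudo tee /usr/share/keyrings/nginx-archive-keyring.gpg >/dev/null && \
echo "deb [signed-by=/usr/share/keyrings/nginx-archive-keyring.gpg] \
http://nginx.org/packages/debian `lsb_release -cs` nginx" \
| sudo tee /etc/apt/sources.list.d/nginx.list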

# Latest Stable (pick either latest stable or by version)

sudo apt update && \
sudo apt install -y nginx

# By version (pick one only, latest stable or by version)

sudo apt update && \
sudo apt install -y nginx=1.24.0-1~$(lsb_release -cs)

AlmaLinux / Rocky Linux (Redhat)

Create the following file at /etc/yum.repos.d/nginx.repo

name=nginx stable repo

name=nginx mainline repo

# Latest Stable (pick either latest stable or by version)

sudo dnf install nginx

# By version (pick one only, latest stable or by version)

sudo dnf install nginx-1.24.0

Nginx Fork (This is for reference only - year 2024)

Use this Web tool to configure nginx. 


Harisfazillah Jamel - LinuxMalaysia - 20240619

Call For Speaker For Mini UbuCon Malaysia 2024


Mini UbuCon Malaysia 2024: Call for Speakers

Share your Ubuntu expertise!

The Ubuntu Malaysia LoCo Team is thrilled to invite you to speak at Mini UbuCon Malaysia 2024 on August 7, 2024, during Siber Siaga and CyberDSA. This is your chance to share your knowledge and experiences with a passionate community of Ubuntu users.

What is Ubuntu?

Ubuntu is a free and open-source operating system based on Linux. It's popular for its user-friendly interface, wide range of software applications, and strong community support. Whether you're a developer, system administrator, or everyday computer user, Ubuntu offers a powerful and customizable computing experience.

What We're Looking For

  • Technical Talks
    • Case studies, development experiences, implementations, and applications related to Ubuntu.
    • Focus on practical, knowledge-sharing content.
    • Avoid marketing materials.
  • Ubuntu-Centric Topics
    • Priority given to subjects directly related to Ubuntu, its ecosystem, and the community.
    • Be specific! Broad topics like "What is Security?" are less likely to be accepted. For instance, a talk on "Advanced Security Configurations in Ubuntu" is more likely to be accepted than a general overview of security.
  • Unique Insights
    • Share your hard-won experiences and hard-to-find information, not easily searchable content.
  • Community-Oriented Talks
    • Generic topics are okay if directly connected to Ubuntu projects or the community (e.g., managing budget for UbuCon events).

Please note that this is a volunteer opportunity and speaker participation is at your own expense.

Get Inspired

Browse past UbuCon sessions on the Ubuntu wiki for ideas:

Speaker Requirements

Important Dates

  • Speaker Application Deadline: July 5, 2024
  • Selection Notification: After selection process by the committee
  • Presentation Slide Submission: August 1, 2024 (if selected)

How to Apply

About Mini UbuCon Malaysia 2024

Mark your calendars for August 7, 2024, as Mini UbuCon Malaysia 2024 will take place during the prestigious Siber Siaga and CyberDSA events. These events provide a dynamic platform for cybersecurity and digital transformation, making them the perfect backdrop for our Mini UbuCon.

For those of you who want to attend Mini UbuCon Malaysia 2024, you still need to register through SIBER SIAGA 2024. Visit Facebook and other links for more info.

Online Registration

  • Visit:
  • Select "General Visitors" by pressing + for total (at least 1).
  • Click "Continue" and fill out the required information.
  • In the field "Any specific vendors / exhibitors you are interested in meeting?", enter "Mini UbuCon Malaysia 2024".
  • Press "Register".

Anything regarding Mini UbuCon 2024 can be asked on Telegram Ubuntu Malaysia Loco Team:

Don't miss this opportunity to connect with the Ubuntu community in Malaysia.

Privacy Notice

We take your privacy seriously. Any personal information collected through the online speaker application form, including email addresses, telephone numbers, names, and profiles, will only be used for purposes related to Mini UbuCon Malaysia 2024 speaker selection and communication. This information will not be shared with third parties without your consent.


  1. What topics are best suited for Mini UbuCon Malaysia 2024? We are looking for technical talks, Ubuntu-centric topics, unique insights, and community-oriented talks that provide value and knowledge to the Ubuntu community.

  2. How do I submit my application to speak? Submit a 50-100 word abstract through the online form. Ensure you meet the application deadline.

  3. Can I attend Mini UbuCon Malaysia 2024 without speaking? Yes, you can attend by registering through Siber Siaga 2024. In the field "Any specific vendors / exhibitors you are interested in meeting?", enter "Mini UbuCon Malaysia 2024".

  4. What is the Creative Commons license requirement? All presentation slides must be published under the Creative Commons Attribution-ShareAlike 4.0 International (CC BY-SA 4.0) license to encourage sharing and collaboration.

  5. Where can I get more information about past UbuCon sessions? You can browse past sessions on the Ubuntu wiki for ideas and inspiration.
