If you receive a PCI compliance warning telling you to update to the most recent version of OpenSSH, your PCI scanner is most likely showing a false positive.

OpenSSH 6.6 is the most recent version on Ubuntu 14.04.

OpenSSH 7.2 is the most recent version on Ubuntu 16.04.

Like all major Linux distributions, Ubuntu backports security and bug fixes specifically so it does not break application compatibility by changing versions between distribution releases.

You do not and should not take any action to change your server.

Instead, let the PCI scanner know the version of Ubuntu you are running and the version of OpenSSH you have installed, which you can find with the following commands:

lsb_release -r

dpkg --list openssh-server

You can also provide the scanner with this link showing the version number of the latest OpenSSH releases from Ubuntu for 14.04:
https://launchpad.net/ubuntu/trusty/+source/openssh/+changelog

and for 16.04:
https://launchpad.net/ubuntu/xenial/+source/openssh/+changelog

 

Do not attempt to replace OpenSSH on your server with any other version. If you do, SellCloud will not be able to provide support for any breakage this may cause.

Alert: For Control Panel Help & Tutorials, click here: Panel Tutorials
Was this answer helpful? 0 Users Found This Useful (0 Votes)

Most Popular Articles

How to Upgrade Server Ubuntu 16.04 to 18.04

Don't upgrade unless you need to! Operating system upgrades are risky. If something goes wrong...
How to Upgrade Ubuntu 14.04 to 16.04

Don't upgrade unless you need to! Operating system upgrades are risky. If something goes wrong...
Ubuntu Control Panel

SellCloud makes it easy to run fast PHP applications on Ubuntu servers. SellCloud also enables...
Upgrading OpenSSL on Ubuntu LTS

If you receive an alert that your server is not running the most recent version of OpenSSL, do...
Upgrading cURL on Ubuntu LTS

If WHMCS tells you to upgrade your server's version of cURL to prevent security issues, do not be...

Powered by WHMCompleteSolution