Apparently I installed that thing in 2006 and I last updated it in 2016, then I quit updating it for some reason that I totally forgot. Probably laziness…

It’s been running for quite some time and we kind of forgot about it in the closet, until the SSH tunnel we use to get our mail outside our home stopped working because modern openssh clients refuse to use the antiquated key cipher I setup client machines with way back when any longer.

I just generated new keys with a more modern cipher that it understands (ecdsa-sha2-nistp256) and left it running. Because why not 🙂

  • Nibodhika@lemmy.world
    link
    fedilink
    arrow-up
    45
    arrow-down
    1
    ·
    3 months ago

    I’m fairly certain that SSH and whatever else you’re exposing has had vulnerabilities fixed since then, especially if modern distros refuse to use the ssh key you were using, this screams of “we found something so critical here we don’t want to touch it”. If your server exposes anything in a standard port, e.g. SSH on 22, you probably should do a fresh install (although I would definitely not know how to rebuild a system I built almost 20 years ago).

    That being said, it’s amazing that an almost 20 year old system can work for almost 10 years without touching anything.

    • Sbauer@lemmy.world
      link
      fedilink
      arrow-up
      11
      arrow-down
      1
      ·
      3 months ago

      The amount of dos systems I have seen powering critical infrastructure in banks and hospitals is quite frankly nightmare fuel.

      • Possibly linux@lemmy.zip
        link
        fedilink
        English
        arrow-up
        7
        ·
        3 months ago

        They normally are isolated systems with controlled access. Same with shipping and any other critical industry.

        Not to say that there aren’t exceptions but these days there is a required level of compliance