SMA Technologies issued a Security vulnerability with the OpCon UNIX agent on March 18, 2022. Attached is the script to resolve the SMA Unix LSAM security vulnerability in the SSH public keys file What Does This Do? 1. It is looking at the authorized SSH keys and looking for the vulnerability 2. If it finds the vulnerability in the authorized keys, then it will remove the vulnerability. 3. If it doesn't find the vulnerability, it will display that it didn't find the vulnerability 4. It also cleans up vulnerable keys that are stored in the LSAM directories It does the following: 1. Checks to see if the vulnerable public key is installed in authorized_keys file. a. If it is found, the script will print, "Vulnerability found in SSH public keys file. Removing it..." b. Then, removes the key and updates the file and will print "Removed vulnerability in SSH public keys file." 2. If the vulnerability is not found, it will print, "No vulnerability found in SSH public keys file" 3. The script will also remove a. The vulnerable public and private keys from ~root/.ssh folder. b. The vulnerable public and private keys from /usr/local/lsam/bin folder or wherever the installation of the Unix LSAM resides. c. The last step is not essential to resolve the security issue but is a better clean up. To Execute 1. Download from "https://smatechnologies.hosted-by-files.com/SMAUnixLSAMVulnerabilityFix/" via Windows or Unix 2. Transfer sma_ssh_fix to each target system via FTP using binary to directory "/usr/local/" 3. Login as root user 4. Go to directory where the Unix LSAM was installed a. For Example: cd /usr/local 5. Run command to give execute permissions a. chmod u+x sma_ssh_fix 6. Run command to execute the program a. ./sma_ssh_fix