Check If Your Distro Is Vulnerable To XZ Backdoor

<17c1daf1b743b4f8$156268$3716115$802601b3@news.usenetexpress.com>

From: ff@linux.rocks (Farley Flud)
Subject: Check If Your Distro Is Vulnerable To XZ Backdoor
Newsgroups: comp.os.linux.advocacy
Date: Sun, 31 Mar 2024 13:01:05 +0000
 by: Farley Flud - Sun, 31 Mar 2024 13:01 UTC

Run this command to check if liblzma is linked to ssh:

ldd "$(command -v sshd)"

For example, on Gentoo (the best distro) I get:

linux-vdso.so.1 (0x00007ffff7fcb000)
libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
/lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)

Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
regardless of what version of xz-utils is installed.

Systemd is ultimately responsible and more and more hackers will be
looking for more and better ways of exploiting that 3 million loc
pile of junk.

Don't say we didn't tell you so.

To save your systems, downgrade xz-utils AND eliminate systemd.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuc40a$22uoo$1@solani.org>

 by: Physfitfreak - Sun, 31 Mar 2024 16:46 UTC

On 3/31/24 08:01, Farley Flud wrote:
> Run this command to check if liblzma is linked to ssh:
>
> ldd "$(command -v sshd)"
>
> For example, on Gentoo (the best distro) I get:
>
> linux-vdso.so.1 (0x00007ffff7fcb000)
> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>
> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
> regardless of what version of xz-utils is installed.
>
> Systemd is ultimately responsible and more and more hackers will be
> looking for more and better ways of exploiting that 3 million loc
> pile of junk.
>
> Don't say we didn't tell you so.
>
> To save your systems, downgrade xz-utils AND eliminate systemd.
>
>

I get:

ldd: ./: not regular file
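
An added example, not part of any post in this thread: a shell check that tells "sshd is not installed" apart from "sshd does not load liblzma". When `command -v sshd` prints nothing, ldd receives an empty argument, inspects `./` and reports "not regular file", which says nothing about liblzma. The fallback sbin paths and the second sample output are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): check whether sshd loads liblzma,
# without mistaking a missing sshd for a clean result.

# find_sshd: print the path of sshd, or print nothing and return 1.
# Assumption: besides PATH, the usual sbin locations are tried, because
# sbin directories are often absent from an unprivileged user's PATH.
find_sshd() {
    p=$(command -v sshd 2>/dev/null) && [ -n "$p" ] && { printf '%s\n' "$p"; return 0; }
    for p in /usr/sbin/sshd /usr/local/sbin/sshd /sbin/sshd; do
        [ -x "$p" ] && { printf '%s\n' "$p"; return 0; }
    done
    return 1
}

# links_liblzma: read ldd output on stdin; succeed when a liblzma shared
# object is listed among the dependencies.
links_liblzma() {
    grep -Eq '^[[:space:]]*liblzma\.so[.0-9]*[[:space:]]'
}

# classify: $1 = sshd path (may be empty), stdin = ldd output for that path.
# Prints exactly one verdict: no-sshd, linked, or not-linked.
classify() {
    if [ -z "$1" ]; then
        echo no-sshd            # nothing to inspect; do not run ldd at all
    elif links_liblzma; then
        echo linked
    else
        echo not-linked
    fi
}

# check_system: run the check against the sshd found on this machine.
check_system() {
    sshd_path=$(find_sshd) || sshd_path=""
    if [ -n "$sshd_path" ]; then
        ldd "$sshd_path" 2>/dev/null | classify "$sshd_path"
    else
        classify "" </dev/null
    fi
}

# Sample 1: the ldd output quoted in the first post (no liblzma line).
SAMPLE_CLEAN='linux-vdso.so.1 (0x00007ffff7fcb000)
libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
/lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)'

# Sample 2: constructed for this example, not taken from a real host.
# It shows an sshd that pulls in libsystemd and, with it, liblzma.
SAMPLE_LINKED='linux-vdso.so.1 (0x00007ffc00000000)
libsystemd.so.0 => /lib/x86_64-linux-gnu/libsystemd.so.0 (0x00007f0000000000)
liblzma.so.5 => /lib/x86_64-linux-gnu/liblzma.so.5 (0x00007f0000100000)
libc.so.6 => /lib/x86_64-linux-gnu/libc.so.6 (0x00007f0000200000)'

printf 'thread sample : %s\n' "$(printf '%s\n' "$SAMPLE_CLEAN"  | classify /usr/sbin/sshd)"
printf 'linked sample : %s\n' "$(printf '%s\n' "$SAMPLE_LINKED" | classify /usr/sbin/sshd)"
printf 'empty path    : %s\n' "$(classify "" </dev/null)"
printf 'this machine  : %s\n' "$(check_system)"
```

A `not-linked` verdict only describes the sshd binary that was inspected; a statically linked or unreadable binary produces no ldd output and is reported the same way.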

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuehj4$2htpk$2@dont-email.me>

 by: candycanearter07 - Mon, 1 Apr 2024 14:50 UTC

Physfitfreak <physfitfreak@gmail.com> wrote at 16:46 this Sunday (GMT):
> On 3/31/24 08:01, Farley Flud wrote:
>> Run this command to check if liblzma is linked to ssh:
>>
>> ldd "$(command -v sshd)"
>>
>> For example, on Gentoo (the best distro) I get:
>>
>> linux-vdso.so.1 (0x00007ffff7fcb000)
>> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
>> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
>> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
>> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
>> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>>
>> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
>> regardless of what version of xz-utils is installed.
>>
>> Systemd is ultimately responsible and more and more hackers will be
>> looking for more and better ways of exploiting that 3 million loc
>> pile of junk.
>>
>> Don't say we didn't tell you so.
>>
>> To save your systems, downgrade xz-utils AND eliminate systemd.
>>
>>
>
>
> I get:
>
> ldd: ./: not regular file
>

Try using "which sshd" instead.
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<l701e4Fbva0U2@mid.individual.net>

 by: rbowman - Mon, 1 Apr 2024 15:16 UTC

On Mon, 1 Apr 2024 14:50:12 -0000 (UTC), candycanearter07 wrote:

> Physfitfreak <physfitfreak@gmail.com> wrote at 16:46 this Sunday (GMT):
>> I get:
>>
>> ldd: ./: not regular file
>>
>>
>
> Try using "which sshd" instead.

Many distros do not include sshd by default. The Ubuntu box doesn't have
it but the Fedora does since I had installed it so I could ftp files back
and forth.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uueju0$2ifg0$1@dont-email.me>

 by: candycanearter07 - Mon, 1 Apr 2024 15:30 UTC

rbowman <bowman@montana.com> wrote at 15:16 this Monday (GMT):
> On Mon, 1 Apr 2024 14:50:12 -0000 (UTC), candycanearter07 wrote:
>
>> Physfitfreak <physfitfreak@gmail.com> wrote at 16:46 this Sunday (GMT):
>>> I get:
>>>
>>> ldd: ./: not regular file
>>>
>>>
>>
>> Try using "which sshd" instead.
>
> Many distros do not include sshd by default. The Ubuntu box doesn't have
> it but the Fedora does since I had installed it so I could ftp files back
> and forth.

Then you're probably fine.
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uues7i$o69$2@solani.org>

 by: Physfitfreak - Mon, 1 Apr 2024 17:51 UTC

On 4/1/24 09:50, candycanearter07 wrote:
> Physfitfreak <physfitfreak@gmail.com> wrote at 16:46 this Sunday (GMT):
>> On 3/31/24 08:01, Farley Flud wrote:
>>> Run this command to check if liblzma is linked to ssh:
>>>
>>> ldd "$(command -v sshd)"
>>>
>>> For example, on Gentoo (the best distro) I get:
>>>
>>> linux-vdso.so.1 (0x00007ffff7fcb000)
>>> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
>>> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
>>> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
>>> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
>>> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>>>
>>> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
>>> regardless of what version of xz-utils is installed.
>>>
>>> Systemd is ultimately responsible and more and more hackers will be
>>> looking for more and better ways of exploiting that 3 million loc
>>> pile of junk.
>>>
>>> Don't say we didn't tell you so.
>>>
>>> To save your systems, downgrade xz-utils AND eliminate systemd.
>>>
>>>
>>
>>
>> I get:
>>
>> ldd: ./: not regular file
>>
>
>
> Try using "which sshd" instead.

Write the command fully and without anything from the English language and
grammar and style added to it.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuev29$2l6ri$2@dont-email.me>

 by: candycanearter07 - Mon, 1 Apr 2024 18:40 UTC

Physfitfreak <physfitfreak@gmail.com> wrote at 17:51 this Monday (GMT):
> On 4/1/24 09:50, candycanearter07 wrote:
>> Physfitfreak <physfitfreak@gmail.com> wrote at 16:46 this Sunday (GMT):
>>> On 3/31/24 08:01, Farley Flud wrote:
>>>> Run this command to check if liblzma is linked to ssh:
>>>>
>>>> ldd "$(command -v sshd)"
>>>>
>>>> For example, on Gentoo (the best distro) I get:
>>>>
>>>> linux-vdso.so.1 (0x00007ffff7fcb000)
>>>> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
>>>> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
>>>> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
>>>> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
>>>> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>>>>
>>>> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
>>>> regardless of what version of xz-utils is installed.
>>>>
>>>> Systemd is ultimately responsible and more and more hackers will be
>>>> looking for more and better ways of exploiting that 3 million loc
>>>> pile of junk.
>>>>
>>>> Don't say we didn't tell you so.
>>>>
>>>> To save your systems, downgrade xz-utils AND eliminate systemd.
>>>>
>>>>
>>>
>>>
>>> I get:
>>>
>>> ldd: ./: not regular file
>>>
>>
>>
>> Try using "which sshd" instead.
>
> Write the command fully and without anything from English language and
> grammar and style added to it.
>
>
>

which sshd
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuevej$o69$5@solani.org>

 by: Physfitfreak - Mon, 1 Apr 2024 18:46 UTC

On 4/1/24 13:40, candycanearter07 wrote:
> Physfitfreak <physfitfreak@gmail.com> wrote at 17:51 this Monday (GMT):
>> On 4/1/24 09:50, candycanearter07 wrote:
>>> Physfitfreak <physfitfreak@gmail.com> wrote at 16:46 this Sunday (GMT):
>>>> On 3/31/24 08:01, Farley Flud wrote:
>>>>> Run this command to check if liblzma is linked to ssh:
>>>>>
>>>>> ldd "$(command -v sshd)"
>>>>>
>>>>> For example, on Gentoo (the best distro) I get:
>>>>>
>>>>> linux-vdso.so.1 (0x00007ffff7fcb000)
>>>>> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
>>>>> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
>>>>> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
>>>>> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
>>>>> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>>>>>
>>>>> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
>>>>> regardless of what version of xz-utils is installed.
>>>>>
>>>>> Systemd is ultimately responsible and more and more hackers will be
>>>>> looking for more and better ways of exploiting that 3 million loc
>>>>> pile of junk.
>>>>>
>>>>> Don't say we didn't tell you so.
>>>>>
>>>>> To save your systems, downgrade xz-utils AND eliminate systemd.
>>>>>
>>>>>
>>>>
>>>>
>>>> I get:
>>>>
>>>> ldd: ./: not regular file
>>>>
>>>
>>>
>>> Try using "which sshd" instead.
>>
>> Write the command fully and without anything from English language and
>> grammar and style added to it.
>>
>>
>>
>
>
> which sshd

I get:

hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
hydrogen@hydrogen-OptiPlex-7050:~$

as if it just ignored it.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuf07o$2lfi5$1@dont-email.me>

 by: candycanearter07 - Mon, 1 Apr 2024 19:00 UTC

Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
> On 4/1/24 13:40, candycanearter07 wrote:
>> which sshd
>
> I get:
>
> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
> hydrogen@hydrogen-OptiPlex-7050:~$
>
> as if it just ignored it.
>
>

Weird, probably means it's not installed..
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuf0er$o69$6@solani.org>

 by: Physfitfreak - Mon, 1 Apr 2024 19:03 UTC

On 4/1/24 14:00, candycanearter07 wrote:
> Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
>> On 4/1/24 13:40, candycanearter07 wrote:
>>> which sshd
>>
>> I get:
>>
>> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
>> hydrogen@hydrogen-OptiPlex-7050:~$
>>
>> as if it just ignored it.
>>
>>
>
>
> Weird, probably means it's not installed..

I get the same result with command,

which

by itself. So it is something about the command, not sshd.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuf0sp$o69$7@solani.org>

 by: Physfitfreak - Mon, 1 Apr 2024 19:11 UTC

On 4/1/24 14:03, Physfitfreak wrote:
> On 4/1/24 14:00, candycanearter07 wrote:
>> Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
>>> On 4/1/24 13:40, candycanearter07 wrote:
>>>> which sshd
>>>
>>> I get:
>>>
>>> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
>>> hydrogen@hydrogen-OptiPlex-7050:~$
>>>
>>> as if it just ignored it.
>>>
>>>
>>
>>
>> Weird, probably means it's not installed..
>
> I get the same result with command,
>
> which
>
> by itself. So it is something about the command, not sshd.

No, the command: which exists of course but requires an argument or
file. I don't know why running it by itself doesn't give an error saying it
requires a file or argument.

It responds to command: which ls as it's supposed to. So sshd,
whatever it is, is certainly not on my system.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuf17d$o69$8@solani.org>

 by: Physfitfreak - Mon, 1 Apr 2024 19:17 UTC

On 4/1/24 14:11, Physfitfreak wrote:
> On 4/1/24 14:03, Physfitfreak wrote:
>> On 4/1/24 14:00, candycanearter07 wrote:
>>> Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
>>>> On 4/1/24 13:40, candycanearter07 wrote:
>>>>> which sshd
>>>>
>>>> I get:
>>>>
>>>> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
>>>> hydrogen@hydrogen-OptiPlex-7050:~$
>>>>
>>>> as if it just ignored it.
>>>>
>>>>
>>>
>>>
>>> Weird, probably means it's not installed..
>>
>> I get the same result with command,
>>
>> which
>>
>> by itself. So it is something about the command, not sshd.
>
>
> No, the command: which exists of course but requires an argument or
> file. I don't know why running it by itself doesn't give error saying it
> requires a file or argument.
>
> It responds to command: which ls   as it's supposed to. So sshd,
> whatever it is, is certainly not on my system.
>
>

Does sshd need to be on the system for security? Or is it the sshd
itself that has provided a backdoor?

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuf1d8$2lo4r$1@dont-email.me>

 by: candycanearter07 - Mon, 1 Apr 2024 19:20 UTC

Physfitfreak <physfitfreak@gmail.com> wrote at 19:03 this Monday (GMT):
> On 4/1/24 14:00, candycanearter07 wrote:
>> Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
>>> On 4/1/24 13:40, candycanearter07 wrote:
>>>> which sshd
>>>
>>> I get:
>>>
>>> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
>>> hydrogen@hydrogen-OptiPlex-7050:~$
>>>
>>> as if it just ignored it.
>>>
>>>
>>
>>
>> Weird, probably means it's not installed..
>
> I get the same result with command,
>
> which
>
> by itself. So it is something about the command, not sshd.

huh. Maybe it's implemented as a shell command?
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuf1vv$2lse9$1@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13113&group=comp.os.linux.advocacy#13113

 by: candycanearter07 - Mon, 1 Apr 2024 19:30 UTC

Physfitfreak <physfitfreak@gmail.com> wrote at 19:17 this Monday (GMT):
> On 4/1/24 14:11, Physfitfreak wrote:
>> On 4/1/24 14:03, Physfitfreak wrote:
>>> On 4/1/24 14:00, candycanearter07 wrote:
>>>> Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
>>>>> On 4/1/24 13:40, candycanearter07 wrote:
>>>>>> which sshd
>>>>>
>>>>> I get:
>>>>>
>>>>> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
>>>>> hydrogen@hydrogen-OptiPlex-7050:~$
>>>>>
>>>>> as if it just ignored it.
>>>>>
>>>>>
>>>>
>>>>
>>>> Weird, probably means it's not installed..
>>>
>>> I get the same result with command,
>>>
>>> which
>>>
>>> by itself. So it is something about the command, not sshd.
>>
>>
>> No, the command: which exists of course but requires an argument or
>> file. I don't know why running it by itself doesn't give error saying it
>> requires a file or argument.
>>
>> It responds to command: which ls   as it's supposed to. So sshd,
>> whatever it is, is certainly not on my system.
>>
>>
>
>
> Does sshd need to be on the system for security? Or is it the sshd
> itself that has provided a backdoor?

Unless you need to remote into your computer, sshd isn't /necessary/.
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuf21o$o69$9@solani.org>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13114&group=comp.os.linux.advocacy#13114

 by: Physfitfreak - Mon, 1 Apr 2024 19:31 UTC

On 4/1/24 14:20, candycanearter07 wrote:
> Physfitfreak <physfitfreak@gmail.com> wrote at 19:03 this Monday (GMT):
>> On 4/1/24 14:00, candycanearter07 wrote:
>>> Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
>>>> On 4/1/24 13:40, candycanearter07 wrote:
>>>>> which sshd
>>>>
>>>> I get:
>>>>
>>>> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
>>>> hydrogen@hydrogen-OptiPlex-7050:~$
>>>>
>>>> as if it just ignored it.
>>>>
>>>>
>>>
>>>
>>> Weird, probably means it's not installed..
>>
>> I get the same result with command,
>>
>> which
>>
>> by itself. So it is something about the command, not sshd.
>
>
> huh. Maybe it's implemented as a shell command?

I just installed (I have no idea why - hehe) two sshd related packages
(tinysshd and zsnapd-rcmd) and now I get:

hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
/usr/sbin/sshd

Does one need to have sshd on the system?

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuf23m$o69$10@solani.org>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13115&group=comp.os.linux.advocacy#13115

 by: Physfitfreak - Mon, 1 Apr 2024 19:32 UTC

On 4/1/24 14:30, candycanearter07 wrote:
> Physfitfreak <physfitfreak@gmail.com> wrote at 19:17 this Monday (GMT):
>> On 4/1/24 14:11, Physfitfreak wrote:
>>> On 4/1/24 14:03, Physfitfreak wrote:
>>>> On 4/1/24 14:00, candycanearter07 wrote:
>>>>> Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
>>>>>> On 4/1/24 13:40, candycanearter07 wrote:
>>>>>>> which sshd
>>>>>>
>>>>>> I get:
>>>>>>
>>>>>> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
>>>>>> hydrogen@hydrogen-OptiPlex-7050:~$
>>>>>>
>>>>>> as if it just ignored it.
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> Weird, probably means it's not installed..
>>>>
>>>> I get the same result with command,
>>>>
>>>> which
>>>>
>>>> by itself. So it is something about the command, not sshd.
>>>
>>>
>>> No, the command: which exists of course but requires an argument or
>>> file. I don't know why running it by itself doesn't give error saying it
>>> requires a file or argument.
>>>
>>> It responds to command: which ls   as it's supposed to. So sshd,
>>> whatever it is, is certainly not on my system.
>>>
>>>
>>
>>
>> Does sshd need to be on the system for security? Or is it the sshd
>> itself that has provided a backdoor?
>
>
> Unless you need to remote into your computer, sshd isn't /necessary/.

Oh, ok. I'll uninstall the two packages then. Thanks.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuf35f$2m58i$1@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13116&group=comp.os.linux.advocacy#13116

 by: candycanearter07 - Mon, 1 Apr 2024 19:50 UTC

Physfitfreak <physfitfreak@gmail.com> wrote at 19:32 this Monday (GMT):
> On 4/1/24 14:30, candycanearter07 wrote:
>> Physfitfreak <physfitfreak@gmail.com> wrote at 19:17 this Monday (GMT):
>>> On 4/1/24 14:11, Physfitfreak wrote:
>>>> On 4/1/24 14:03, Physfitfreak wrote:
>>>>> On 4/1/24 14:00, candycanearter07 wrote:
>>>>>> Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
>>>>>>> On 4/1/24 13:40, candycanearter07 wrote:
>>>>>>>> which sshd
>>>>>>>
>>>>>>> I get:
>>>>>>>
>>>>>>> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
>>>>>>> hydrogen@hydrogen-OptiPlex-7050:~$
>>>>>>>
>>>>>>> as if it just ignored it.
>>>>>>>
>>>>>>>
>>>>>>
>>>>>>
>>>>>> Weird, probably means it's not installed..
>>>>>
>>>>> I get the same result with command,
>>>>>
>>>>> which
>>>>>
>>>>> by itself. So it is something about the command, not sshd.
>>>>
>>>>
>>>> No, the command: which exists of course but requires an argument or
>>>> file. I don't know why running it by itself doesn't give error saying it
>>>> requires a file or argument.
>>>>
>>>> It responds to command: which ls   as it's supposed to. So sshd,
>>>> whatever it is, is certainly not on my system.
>>>>
>>>>
>>>
>>>
>>> Does sshd need to be on the system for security? Or is it the sshd
>>> itself that has provided a backdoor?
>>
>>
>> Unless you need to remote into your computer, sshd isn't /necessary/.
>
>
> Oh, ok. I'll uninstall the two packages then. Thanks.

No problem. I have it installed as a backup, but leave the server off
unless I need it.
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuf510$tfl$1@solani.org>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13121&group=comp.os.linux.advocacy#13121

 by: Physfitfreak - Mon, 1 Apr 2024 20:21 UTC

On 4/1/24 14:50, candycanearter07 wrote:
>
>>>>>>> Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
>>>>>>>> On 4/1/24 13:40, candycanearter07 wrote:
>>>>>>>>> which sshd
>>>>>>>>
>>>>>>>> I get:
>>>>>>>>
>>>>>>>> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
>>>>>>>> hydrogen@hydrogen-OptiPlex-7050:~$
>>>>>>>>
>>>>>>>> as if it just ignored it.
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Weird, probably means it's not installed..
>>>>>>
>>>>>> I get the same result with command,
>>>>>>
>>>>>> which
>>>>>>
>>>>>> by itself. So it is something about the command, not sshd.
>>>>>
>>>>>
>>>>> No, the command: which exists of course but requires an argument or
>>>>> file. I don't know why running it by itself doesn't give error saying it
>>>>> requires a file or argument.
>>>>>
>>>>> It responds to command: which ls   as it's supposed to. So sshd,
>>>>> whatever it is, is certainly not on my system.
>>>>>
>>>>>
>>>>
>>>>
>>>> Does sshd need to be on the system for security? Or is it the sshd
>>>> itself that has provided a backdoor?
>>>
>>>
>>> Unless you need to remote into your computer, sshd isn't /necessary/.
>>
>>
>> Oh, ok. I'll uninstall the two packages then. Thanks.
>
>
> No problem. I have it installed as a backup, but leave the server off
> unless I need it.

I uninstalled both packages, and yet when I run the command it still
says sshd is there:

hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
/usr/sbin/sshd

So it evidently cannot be removed by uninstalling. Is that how that
"back door" works? I think I'll just directly delete it then.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uufap2$2nu6h$1@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13123&group=comp.os.linux.advocacy#13123

 by: candycanearter07 - Mon, 1 Apr 2024 22:00 UTC

Physfitfreak <physfitfreak@gmail.com> wrote at 20:21 this Monday (GMT):
> On 4/1/24 14:50, candycanearter07 wrote:
>>
>>>>>>>> Physfitfreak <physfitfreak@gmail.com> wrote at 18:46 this Monday (GMT):
>>>>>>>>> On 4/1/24 13:40, candycanearter07 wrote:
>>>>>>>>>> which sshd
>>>>>>>>>
>>>>>>>>> I get:
>>>>>>>>>
>>>>>>>>> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
>>>>>>>>> hydrogen@hydrogen-OptiPlex-7050:~$
>>>>>>>>>
>>>>>>>>> as if it just ignored it.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Weird, probably means it's not installed..
>>>>>>>
>>>>>>> I get the same result with command,
>>>>>>>
>>>>>>> which
>>>>>>>
>>>>>>> by itself. So it is something about the command, not sshd.
>>>>>>
>>>>>>
>>>>>> No, the command: which exists of course but requires an argument or
>>>>>> file. I don't know why running it by itself doesn't give error saying it
>>>>>> requires a file or argument.
>>>>>>
>>>>>> It responds to command: which ls   as it's supposed to. So sshd,
>>>>>> whatever it is, is certainly not on my system.
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> Does sshd need to be on the system for security? Or is it the sshd
>>>>> itself that has provided a backdoor?
>>>>
>>>>
>>>> Unless you need to remote into your computer, sshd isn't /necessary/.
>>>
>>>
>>> Oh, ok. I'll uninstall the two packages then. Thanks.
>>
>>
>> No problem. I have it installed as a backup, but leave the server off
>> unless I need it.
>
> I uninstalled both packages, and yet when I run the command it still
> says sshd is there:
>
> hydrogen@hydrogen-OptiPlex-7050:~$ which sshd
> /usr/sbin/sshd
>
>
> So it evidently cannot be removed by uninstalling. Is that how that
> "back door" works? I think I'll just directly delete it then.
>
>
>
>

Weird. Maybe it's being supplied by another package?
--
user <candycane> is generated from /dev/urandom

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uufl9v$2q81c$2@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13126&group=comp.os.linux.advocacy#13126

 by: Lawrence D'Oliv - Tue, 2 Apr 2024 00:59 UTC

On Mon, 1 Apr 2024 19:00:08 -0000 (UTC), candycanearter07 wrote:

> Weird, probably means it's not installed..

Just a note: it typically resides in /usr/sbin/ssh. While /usr/sbin is
usually part of the $PATH for root, it is not for a nonprivileged user.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuflj0$2q81c$3@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13127&group=comp.os.linux.advocacy#13127

 by: Lawrence D'Oliv - Tue, 2 Apr 2024 01:04 UTC

On Mon, 1 Apr 2024 14:11:21 -0500, Physfitfreak wrote:

> ... sshd, whatever it is, is certainly not on my system.

Check for something listening on port 22:

ss -t state listening sport = inet:22

(can be done as a nonprivileged user)

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuflke$2q81c$4@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13128&group=comp.os.linux.advocacy#13128

 by: Lawrence D'Oliv - Tue, 2 Apr 2024 01:05 UTC

On Mon, 1 Apr 2024 19:30:07 -0000 (UTC), candycanearter07 wrote:

> Unless you need to remote into your computer, sshd isn't /necessary/.

I do that all the time. It’s a handy way to mirror things between, say, my
main workstation and my laptop, via rsync.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uuflm4$2q81c$5@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13129&group=comp.os.linux.advocacy#13129

 by: Lawrence D'Oliv - Tue, 2 Apr 2024 01:06 UTC

On Mon, 1 Apr 2024 22:00:03 -0000 (UTC), candycanearter07 wrote:

> Weird. Maybe it's being supplied by another package?

Check which one with a command like

dpkg-query -S /usr/sbin/sshd

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uufvc8$1c3e$1@solani.org>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13130&group=comp.os.linux.advocacy#13130

 by: Physfitfreak - Tue, 2 Apr 2024 03:51 UTC

On 4/1/24 20:06, Lawrence D'Oliveiro wrote:
> On Mon, 1 Apr 2024 22:00:03 -0000 (UTC), candycanearter07 wrote:
>
>> Weird. Maybe it's being supplied by another package?
>
> Check which one with a command like
>
> dpkg-query -S /usr/sbin/sshd

I already directly deleted it.

Re: Check If Your Distro Is Vulnerable To XZ Backdoor

<uug12m$306oq$2@dont-email.me>

https://www.rocksolidbbs.com/computers/article-flat.php?id=13131&group=comp.os.linux.advocacy#13131

 by: Rockinghorse Winner - Tue, 2 Apr 2024 04:20 UTC

On 2024-03-31, Physfitfreak <physfitfreak@gmail.com> opined as follows:
> On 3/31/24 08:01, Farley Flud wrote:
>> Run this command to check if liblzma is linked to ssh:
>>
>> ldd "$(command -v sshd)"
>>
>> For example, on Gentoo (the best distro) I get:
>>
>> linux-vdso.so.1 (0x00007ffff7fcb000)
>> libcrypt.so.2 => /usr/lib64/libcrypt.so.2 (0x00007ffff7f6e000)
>> libcrypto.so.3 => /usr/lib64/libcrypto.so.3 (0x00007ffff7a00000)
>> libz.so.1 => /usr/lib64/libz.so.1 (0x00007ffff7f54000)
>> libc.so.6 => /lib64/libc.so.6 (0x00007ffff783c000)
>> /lib64/ld-linux-x86-64.so.2 (0x00007ffff7fcc000)
>>
>> Nope. There ain't no linking to liblzma, thus Gentoo is NOT affected
>> regardless of what version of xz-utils is installed.
>>
>> Systemd is ultimately responsible and more and more hackers will be
>> looking for more and better ways of exploiting that 3 million loc
>> pile of junk.
>>
>> Don't say we didn't tell you so.
>>
>> To save your systems, downgrade xz-utils AND eliminate systemd.
>>
>>
>
>
> I get:
>
> ldd: ./: not regular file
>
>

You don't have a sshd server installed most likely.

--
'Many have sought in vain to tell joyously of the Most Joyous. Now at last It declares
Itself to me, now in this misery.' - Holderlin
____
/. \
___________< |___________
\___________ ___________/
\___________ ___________/
\___________ ___________/
| |
^^^ ^^^
_________
| R W |
| (*) |
|____U____|
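
Added example (not part of any post in this thread, and not any poster's code): the ldd check quoted above, reworked so that it still finds sshd when /usr/sbin is missing from a non-root $PATH, and reports a missing sshd plainly instead of handing ldd an empty argument. The function names and the extra sbin directories searched are assumptions made for this example.

```sh
#!/bin/sh
# Added example: locate sshd and report whether it is dynamically linked
# against liblzma. Function names are made up for this example.

# find_sshd DIRLIST
# Print the first regular, executable "sshd" found in the colon-separated
# DIRLIST. The body is a subshell "( ... )" so the IFS and globbing changes
# do not leak into the caller; "exit" therefore only leaves the function.
find_sshd() (
    IFS=:
    set -f
    for dir in $1; do
        # An empty element in a PATH-style list means "current directory";
        # skip it so a stray ./sshd is never picked up.
        [ -n "$dir" ] || continue
        if [ -f "$dir/sshd" ] && [ -x "$dir/sshd" ]; then
            printf '%s\n' "$dir/sshd"
            exit 0
        fi
    done
    exit 1
)

# liblzma_dep
# Read ldd-style output on stdin. Print the resolved path of every liblzma
# dependency; return 0 if there was at least one, 1 otherwise.
liblzma_dep() {
    lzma_status=1
    while read -r lib_name lib_arrow lib_path lib_rest; do
        case $lib_name in
            liblzma.so*)
                if [ "$lib_arrow" = "=>" ]; then
                    printf '%s\n' "$lib_path"
                else
                    printf '%s\n' "$lib_name"
                fi
                lzma_status=0
                ;;
        esac
    done
    return "$lzma_status"
}

# check_sshd_liblzma DIRLIST
# Return 0 if sshd links liblzma, 1 if it does not, 2 if no sshd was found.
check_sshd_liblzma() {
    if ! sshd_path=$(find_sshd "$1"); then
        echo "no sshd binary found in: $1"
        return 2
    fi
    # ldd is only pointed at the system's own sshd here; do not run it on
    # binaries you do not trust.
    if lzma_path=$(ldd "$sshd_path" 2>/dev/null | liblzma_dep); then
        echo "$sshd_path is linked against $lzma_path"
        return 0
    fi
    echo "$sshd_path is not linked against liblzma"
    return 1
}

# Search $PATH plus the sbin directories a non-root $PATH often lacks.
# "|| :" only keeps a calling script alive; drop it to use the exit status.
check_sshd_liblzma "$PATH:/usr/local/sbin:/usr/sbin:/sbin" || :
```

A result of 2 means no sshd binary was found in any searched directory, which is a different answer from "sshd is present but does not link liblzma".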

