Isso não é um problema para o OpenSSH, pois não faz uso de SSL.
excerto - O que é a diferença entre SSL vs SSH? Qual é mais seguro?They differ on the things which are around the tunnel. SSL traditionally uses X.509 certificates for announcing server and client public keys; SSH has its own format. Also, SSH comes with a set of protocols for what goes inside the tunnel (multiplexing several transfers, performing password-based authentication within the tunnel, terminal management...) while there is no such thing in SSL, or, more accurately, when such things are used in SSL they are not considered to be part of SSL (for instance, when doing password-based HTTP authentication in a SSL tunnel, we say that it is part of "HTTPS", but it really works in a way similar to what happens with SSH).
Conceptually, you could take SSH and replace the tunnel part with the one from SSL. You could also take HTTPS and replace the SSL thing with SSH-with-data-transport and a hook to extract the server public key from its certificate. There is no scientific impossibility and, if done properly, security would remain the same. However, there is no widespread set of conventions or existing tools for that.
Como evidência adicional, eu o direcionaria para RFC 4253 , que discute o "The Secure Shell (SSH) ) Protocolo de camada de transporte ". Essa é a camada de transporte personalizada do próprio SSH, ela não usa a mesma que o HTTPS / SSL usa.
This document describes the SSH transport layer protocol, which typically runs on top of TCP/IP. The protocol can be used as a basis for a number of secure network services. It provides strong encryption, server authentication, and integrity protection. It may also provide compression.
Por fim, este Q & A do site de segurança SE intitulado: Vulnerabilidade SSL3 "Poodle" tinha a dizer sobre o ataque POODLE.
trechoThe Poodle attack works in a chosen-plaintext context, like BEAST and CRIME before it. The attacker is interested in data that gets protected with SSL, and he can:
- inject data of his own before and after the secret value that he wants to obtain;
- inspect, intercept and modify the resulting bytes on the wire.
The main and about only plausible scenario where such conditions are met is a Web context: the attacker runs a fake WiFi access point, and injects some Javascript of his own as part of a Web page (HTTP, not HTTPS) that the victim browses. The evil Javascript makes the browser send requests to a HTTPS site (say, a bank Web site) for which the victim's browser has a cookie. The attacker wants that cookie.
Portanto, não há ações que precisem ser tomadas para o OpenSSH contra essa ameaça específica.
Referências
- Como a POODLE aconteceu
- Taxonomia de Cifras / MACs / Kex disponível em SSH?
- Configuração segura de cifras / MACs / Kex disponível no SSH