If you are currently running some recent version of Ubuntu, you can check for yourself by attempting to use openssl or you can run sslscan (assuming you have that installed) like here:
$ sslscan --ssl2 www.google.com
And in the results you will see it come up blank like here:
What we need to do is rebuild the OpenSSL libraries and enable SSLv2 support. Don't do this if you have no need for this support. The below series of commands come from the main post and the comments here: http://security.sunera.com/2011_02_01_archive.html
I'm not taking credit for this, I'm just putting it all together for Ubuntu 12.04 and really just having this as record for myself since I will have to redo this work everytime OpenSSL gets updated -> meaning watch out for those Ubuntu updates that might undo your work with a new version of OpenSSL or re-install your tools that you rebuild to take advantage of your changes.
Commands to run:
$ sudo apt-get install build-essential devscripts m4 quilt debhelper # There might be more depending on your system - check for error messages
$ apt-get source openssl
$ cd openssl-*
$ quilt pop -a # This removes updates
$ vi debian/patches/series
Remove 'no-ssl2.patch' (or whatever it is called now since it has changed before)
$ vi debian/rules
Remove 'no-ssl2' in args
$ quilt push -a # This re-applies the updates, minus the no-ssl2 patch
$ dch -n 'Allow dangerous v2 protocol'
$ dpkg-source --commit
$ debuild -uc -us
$ ls ../*ssl*.deb
$ cd ../
$ sudo dpkg -i *ssl*.deb
Now you need to do similar activity to get your tools to work again. Here is getting sslscan to work:
$ apt-get source sslscan
$ cd sslscan*
$ debuild -uc -us
$ cd ../
$ sudo dpkg -i *sslscan*.deb
Lets run sslscan with the same arguments as before:
And we have SSLv2 support back. Thank you to others who have posted this information before so that I could get it to work.
