ssh key update IMPORTANT security advisory please read
Joshua Minor
j at lux.vu
Thu May 15 12:16:18 EDT 2008
Can you clarify whether keys generated on an XO need to be
regenerated or not?
-josh
On May 15, 2008, at 6:40 AM, Dennis Gilmore wrote:
> On Thursday 15 May 2008, Henry Hardy wrote:
>> Debian has published a recent security advisory regarding a documented
>> weakness in the Debian openssl key generation procedure:
>>
>> [DSA 1571-1] New openssl packages fix predictable random number generator
>> <http://news.gmane.org/find-root.php?message_id=%3c87od7az9v4.fsf%5f%5f2780.18743633783%241210681384%24gmane%24org%40mid.deneb.enyo.de%3e>
>>
>> http://article.gmane.org/gmane.linux.debian.security.announce/1614
>>
>> Accordingly we are changing the host keys on all Ubuntu and Debian systems.
>> Users should be prepared to accept the new host keys.
>>
>> Additionally, ALL USERS MUST generate new private/public keypairs using the
>> patched ssl-keygen or equivalent (such as putty-keygen) and replace the
>> public key in their ~/.ssh/authorized_keys file. This applies to users with
>> accounts on crank, pedal, teach, grinch and all other Debian or Ubuntu
>> boxes.
>>
>> If you need help, please open a ticket by emailing sysadmin at laptop.org
>> with your new pub key or a link to it. Please specify which machines on
>> which you have accounts in the message.
>>
>> thanks,
>>
>> --HH.
>
> Users only need to create new keys if you created your key using a Debian
> based system. Keys generated on Fedora or other Linuxes or Unixes are not
> susceptible and don't need replacing.
>
>
> This also brings up the need to use something like fas
> https://fedorahosted.org/fas/ which would easily allow users to change their
> own passwords and ssh keys, as well as simplify user management and make it
> easy to grant access to different hosts.
>
>
> Dennis
> _______________________________________________
> Devel mailing list
> Devel at lists.laptop.org
> http://lists.laptop.org/listinfo/devel