Centralized Authentication (was Re: ssh key update security advisory)
Ixo X oxI
ixo at myna.ws
Sun May 18 15:43:32 EDT 2008
I put in a TRAC ticket on something similar...
Several months ago, not sure if it ever went anywhere...
2008/5/15 Dennis Gilmore <dennis at ausil.us>:
> On Thursday 15 May 2008, Henry Hardy wrote:
> > Debian has published a recent security advisory regarding a documented
> > weakeness in the Debian openssl key generation procedure:
> > [DSA 1571-1] New openssl packages fix predictable random number
> > generator<
> > http://article.gmane.org/gmane.linux.debian.security.announce/1614
> > Accordingly we are changing the host keys on all Ubuntu and Debian
> > Users should be prepared to accept the new host keys.
> > Additionally, ALL USERS MUST generate new private/public keypairs using
> > patched ssl-keygen or equivalent (such as putty-keygen) and replace the
> > public key in their ~/.ssh/authorized_keys file. This applies to users
> > accounts on crank, pedal, teach, grinch and all other Debian or Ubuntu
> > boxes.
> > If you need help, please open a ticket by emailing sysadmin at laptop.orgwith
> > your new pub key or a link to it. Please specify which machines on which
> > you have accounts in the message.
> > thanks,
> > --HH.
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the Devel