SSH DSA logins on crank.

Carl-Daniel Hailfinger c-d.hailfinger.devel.2006 at
Wed May 21 08:58:11 EDT 2008

On 21.05.2008 14:36, Gary Oberbrunner wrote:
> Carl-Daniel Hailfinger wrote:
>> What happens to those who never logged in *from* a Debian/Ubuntu
>> machine? There's no reason to not let them keep their DSA key.
> The point, iiuc, is that if even one such key was sniffed, crank is
> compromised.  At least that user's account, which is dangerous enough.

OK, but then a statement from the user like "I never logged in anywhere
from a Debian/Ubuntu system" should suffice to reenable the existing key.


More information about the Devel mailing list