On Wed, May 14, 2008 at 7:52 PM, Steven M. Bellovin <[EMAIL PROTECTED]> wrote:
> Given the published list of bad ssh keys due to the Debian mistake (see
> http://metasploit.com/users/hdm/tools/debian-openssl/), should sshd be
> updated to contain a blacklist of those keys? I suspect that a Bloom
> filter would be quite compact and efficient.
Debian has two packages: one called openssh-blacklist (1024-bit DSA and 2048-bit RSA keys), ~4MB, and an "unstable" package openssh-blacklist-extra for non-default key sizes, which are simple lists of blacklisted keys.

Current source: <http://ftp.debian.org/debian/pool/main/o/openssh-blacklist/openssh-blacklist_0.3.tar.gz>

From the README:
-----------------------------------------
The blacklists are separated by architecture, type, and bit size. The contents are ordered by process pid, starting at PID 1 and ending at PID 32767.

While generating entries, each possible process ID must be used. To help automate this, LD_PRELOAD is used to override the getpid() libc function. See "generate-blacklist.sh" for details.

Note that the list is architecture-specific.
-----------------------------------------

-Michael

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]
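The Bloom-filter blacklist Bellovin proposes, as an added example that is not part of the thread or of the openssh-blacklist package: the filter is sized from the number of blacklisted keys and a target false-positive rate, keys are identified by a fingerprint (SHA-256 of the public key blob is an assumption here, not the Debian package's format), and the sample blacklist is a constructed stand-in for the real per-type, per-size lists.

```python
import hashlib
import math


class KeyBlacklistBloom:
    """Bloom filter over key fingerprints: no false negatives, tunable false positives."""

    def __init__(self, expected_items: int, fp_rate: float):
        # Standard sizing: m bits and k hashes that meet the target false-positive rate.
        self.m = max(8, math.ceil(-expected_items * math.log(fp_rate) / math.log(2) ** 2))
        self.k = max(1, round(self.m / expected_items * math.log(2)))
        self.bits = bytearray((self.m + 7) // 8)

    def _positions(self, item: bytes):
        # Kirsch-Mitzenmacher double hashing: k bit indexes from one SHA-256 digest.
        d = hashlib.sha256(item).digest()
        h1 = int.from_bytes(d[:8], "big")
        h2 = int.from_bytes(d[8:16], "big") | 1
        return [(h1 + i * h2) % self.m for i in range(self.k)]

    def add(self, item: bytes) -> None:
        for pos in self._positions(item):
            self.bits[pos >> 3] |= 1 << (pos & 7)

    def __contains__(self, item: bytes) -> bool:
        return all(self.bits[pos >> 3] & (1 << (pos & 7)) for pos in self._positions(item))

    def size_bytes(self) -> int:
        return len(self.bits)


def fingerprint(pubkey_blob: bytes) -> bytes:
    # Assumption: a key is identified by SHA-256 of its wire-format public key blob.
    return hashlib.sha256(pubkey_blob).digest()


# Constructed stand-ins for weak keys; a real per-(type, size) list holds one key per PID 1..32767.
WEAK_KEYS = [b"constructed-weak-key-%d" % i for i in range(1000)]


def build_blacklist(keys, fp_rate: float = 1e-6) -> KeyBlacklistBloom:
    bf = KeyBlacklistBloom(len(keys), fp_rate)
    for key in keys:
        bf.add(fingerprint(key))
    return bf


def is_blacklisted(bf: KeyBlacklistBloom, pubkey_blob: bytes) -> bool:
    # A miss is definitive. A hit is a false positive with probability ~fp_rate, so a
    # server can either reject outright (losing ~1 in 10^6 good keys) or confirm against the full list.
    return fingerprint(pubkey_blob) in bf
```

At a 1e-6 false-positive rate the 1000-key sample fits in about 3.6 KB, and scaling to the 32767 keys of one real list gives roughly 115 KiB, against the ~4 MB of the plain-text package.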