Anyone know if IPCop is affected by this? Shawn
[EMAIL PROTECTED] wrote: > Here's how it's done, confirmation with the tool suggested on >> http://isc.sans.org/diary.html?storyid=4420 > > Do an 'sudo apt-get update' and 'sudo apt-get upgrade' > > then > --- > [EMAIL PROTECTED]:~$ perl dowkd.pl host localhost > # localhost SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1 > # localhost SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1 > localhost: weak key > localhost: weak key > summary: keys found: 2, weak keys: 2 > > [EMAIL PROTECTED]:~$ sudo ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa > Generating public/private rsa key pair. > /etc/ssh/ssh_host_rsa_key already exists. > Overwrite (y/n)? y > Your identification has been saved in /etc/ssh/ssh_host_rsa_key. > Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub. > The key fingerprint is: > 49:c2:73:ce:05:e4:70:1d:4c:ae:0f:31:a1:cd:d8:34 [EMAIL PROTECTED] > > [EMAIL PROTECTED]:~$ sudo ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t > dsa > Generating public/private dsa key pair. > /etc/ssh/ssh_host_dsa_key already exists. > Overwrite (y/n)? y > Your identification has been saved in /etc/ssh/ssh_host_dsa_key. > Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub. > The key fingerprint is: > df:2e:37:5d:fb:53:6d:7c:94:16:18:c8:d1:b4:63:78 [EMAIL PROTECTED] > > [EMAIL PROTECTED]:~$ perl dowkd.pl host localhost > # localhost SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1 > # localhost SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1 > summary: keys found: 2, weak keys: 0 > [EMAIL PROTECTED]:~$ > --- > > > And don't forget any other application/service which uses SSL keys. There > was a note of the EncFS mailing list saying that it was affected, I'm sure > that there are others such as VPN software. > > Simon. > > > _______________________________________________ > clug-talk mailing list > [email protected] > http://clug.ca/mailman/listinfo/clug-talk_clug.ca > Mailing List Guidelines (http://clug.ca/ml_guidelines.php) > **Please remove these lines when replying _______________________________________________ clug-talk mailing list [email protected] http://clug.ca/mailman/listinfo/clug-talk_clug.ca Mailing List Guidelines (http://clug.ca/ml_guidelines.php) **Please remove these lines when replying
