On Fri, May 16, 2008 at 11:59:44AM +0200, Raphael Hertzog wrote:
> On Thu, 15 May 2008, Jon Dowland wrote:
> > there's a tarball of 32bit/le rsa 4096 key pairs at
> > <http://metasploit.com/users/hdm/tools/debian-openssl/>.
> > 
> > I'm trying to build a blacklist for these keys*. It would be
> > nice if one was included in the package.
> 
> Until those lists are complete (i.e. for 32 and 64 bits, and
> big/low endian), I don't think they should be integrated
> as the ssh-vulnkey tool will report "Not blacklisted" for keys which are
> potentially compromised because they have been generated on amd64 for
> example...
> 
> Lucas has access to GRID-5000 and could generate the keys if someone
> provides him the required information to do the task given that the
> nodes are amd64 (but he uses them as i386 by default with linux32 IIRC).
> 
> But he will only have access to GRID-5000 when he comes back from his trip
> to fosscamp (on Sunday). Also CCing Vincent Danjean, who also has access to
> GRID-5000.

It shouldn't take that long to generate them using the same code Kees
used to generate the blacklist to start with. Kees, could you take care
of that?

(I'd *really* rather not use blacklists downloaded from metasploit;
forgive my paranoia. :-) )

-- 
Colin Watson                                       [EMAIL PROTECTED]


