On Sat, May 31, 2008 at 08:02:53AM +0800, [EMAIL PROTECTED] wrote: > Idea: new ssh _client_ that will also block outgoing ssh contacts if bad > keys are detected.
Yes, this is already on my to-do list. > CW> /usr/share/doc/openssh-server/README.compromised-keys.gz > You might want to add some dates into that file, lest they read it > months later etc. I think the version numbers are more informative. > I see there > > OpenSSH keys used for user authentication must be manually regenerated, > including those which may have since been transferred to a different system > after being generated. > > which indeed probably covers somewhat what I'm talking about. But > doesn't mention the danger present before one does any updating. "What to do if you are affected: 1. Install the security updates" Regards, -- Colin Watson [EMAIL PROTECTED] -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]