I found that one of our clients servers had not been updated in almost a year, so I updated it. This included the recent fixes to the ssh problem. The reason for the service call was that it was not backing up to its backup server, which happens as an rsync over ssh cron job. Performing the update (including the openssh server and client) did not fix the problem and, ssh-vulnkey still reported the host keys and the key used for backup as vulnerable.
I regenerated the backup users key and ssh-vulnkey still reported it as vulnerable and it would not connect to the backup server. I then removed the .ssh directory and all entries on the backup server, and regenerated again, with the same results. I generated a new dsa key, attempted to log into another remote server, and this failed also. I then performed a kernel update (one was out there) and rebooted. Unfortunately, somewhere in the process I locked myself out of remote access (ssh refuses my connection now), so I can not troubleshoot more until the client is back in their office tomorrow. Any ideas on why ssh-keygen would continue to create vulnerable keys after the update? Rod -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
