Debian has published a recent security advisory regarding a documented weakeness in the Debian openssl key generation procedure:
[DSA 1571-1] New openssl packages fix predictable random number generator<http://news.gmane.org/find-root.php?message_id=%3c87od7az9v4.fsf%5f%5f2780.18743633783%241210681384%24gmane%24org%40mid.deneb.enyo.de%3e> http://article.gmane.org/gmane.linux.debian.security.announce/1614 Accordingly we are changing the host keys on all Ubuntu and Debian systems. Users should be prepared to accept the new host keys. Additionally, ALL USERS MUST generate new private/public keypairs using the patched ssl-keygen or equivalent (such as putty-keygen) and replace the public key in their ~/.ssh/authorized_keys file. This applies to users with accounts on crank, pedal, teach, grinch and all other Debian or Ubuntu boxes. If you need help, please open a ticket by emailing [EMAIL PROTECTED] with your new pub key or a link to it. Please specify which machines on which you have accounts in the message. thanks, --HH.
_______________________________________________ Devel mailing list [email protected] http://lists.laptop.org/listinfo/devel
