On Tue, May 13, 2008 at 9:12 PM, Richard Doyle <[EMAIL PROTECTED]> wrote: > There is a potentially serious vulnerability in OpenSSL which affects > Edubuntu and other Debian-based distributions: > http://www.ubuntu.com/usn/usn-612-1 > > Fixes are described in http://wiki.debian.org/SSLkeys . Since SSH is a > vital part of Edubuntu, and is affected by the vulnerability, every > affected system should be fixed ASAP. As I understand it, the fix for > version version 7.04 is to run the following commands: > > sudo rm /etc/ssh/ssh_host_* > sudo dpkg-reconfigure openssh-server > sudo ltsp-update-sshkeys >
> I ran the ssl upgrade provided via package manager on my dev-box running Hardy and rebooted and found my thin clients locked out. Bummer. Glad I didn't apply this against a production box. Next I ran the commands Richard mentioned, but no joy there either. I can log on to the box via the console but thin clients are locked out. Anyone got a fix? Do I need to chroot to /opt/ltsp/ and rebuild the image?? Can we get an edubuntu specific fix figured out and posted to the wiki asap? John > > > > > -- > edubuntu-users mailing list > [email protected] > Modify settings or unsubscribe at: > https://lists.ubuntu.com/mailman/listinfo/edubuntu-users > -- edubuntu-users mailing list [email protected] Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
