Paul Johnson wrote: > Debian/Ubuntu systems that had the ssh key flaw last year? If a key > was generated on those systems, my understanding is that open ssh > will reject it for security reasons.
I don't think the Fedora packages rejected such keys by default. I
know that Debian and Ubuntu's packages contain patches which implement
a partial blacklist of keys that are checked. I don't think that's
upstream or in the Fedora packages though. (I checked by grepping for
blacklist in the the F-10 branch of openssh.)
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Democracy is the theory that the common people know what they want,
and deserve to get it good and hard.
-- H.L. Mencken, "Little Book in C major", 1916
pgpOrpUgvyK6h.pgp
Description: PGP signature
-- fedora-list mailing list [email protected] To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
