On 3/2/2012 7:48 PM, wes wrote: > > > I've never heard of a single breakin occurring with private-key auth > that was due to true SSH protocol or encryption weakness. Failures > in the human side of the process, however, have been known to happen. > > > *cough cough* > > http://perimetergrid.com/wp/2008/05/17/ubuntudebian-crng-cracked-ssh-vulnerable/
Missed that one. Seems to be limited to Debian's RNG, and affects only the key generation process, not the protocol itself. -- Jim Garrison ([email protected]) PGP Keys at http://www.jhmg.net RSA 0x04B73B7F DH 0x70738D88 _______________________________________________ PLUG mailing list [email protected] http://lists.pdxlinux.org/mailman/listinfo/plug
