Bug#732259: Acknowledgement (mutt: Special character in the recipient's display name overrides my name config'd in mutt)
Sheesh, my bad. Thanks :) --srs (htc one x) - Reply message - From: "C. Meissa" To: "Suresh Ramasubramanian" Cc: <732...@bugs.debian.org> Subject: Bug#732259: Acknowledgement (mutt: Special character in the recipient's display name overrides my name config'd in mutt) Date: Mon, Dec 16, 2013 1:57 PM Hello Suresh, To make mutt respect your header settings you may just want to set reverse_name="no" If reverse_name is set AND the email address in the spam is one of your alternates, your replies will use the spam’s setting. That may be why you haven’t noticed this behaviour on mailing lists and other spam… :-) Cheers, C.M. Suresh Ramasubramanian schrieb am 16.12.2013 12:27:23: > Forgot to addthe relevant bits from my .muttrc - > > set reverse_name > set from=sur...@hserus.net > alternates "s...@savitr.info"
Bug#732259: Acknowledgement (mutt: Special character in the recipient's display name overrides my name config'd in mutt)
Forgot to addthe relevant bits from my .muttrc - set reverse_name set from=sur...@hserus.net alternates "s...@savitr.info" srs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#684340: exim tls fails: Diffie-Hellman prime too short
On 12-Sep-2013, at 1:18, Florian Weimer wrote: > I suppose the simplest mitigation would be to avoid ephemeral > Diffie-Hellman key agreement altogether, that is, remove it from the > cipher suite default. By the way this ticket is a dup of #676563 --srs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#684340: exim tls fails: Diffie-Hellman prime too short
On 12-Sep-2013, at 1:18, Florian Weimer wrote: > I suppose the simplest mitigation would be to avoid ephemeral > Diffie-Hellman key agreement altogether, that is, remove it from the > cipher suite default. Dispensing with gnutls and using openssl like most other distros do would possibly make more sense, but that is a license war dating back to 2008 and still open on bts. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=446036 and of course these http://blog.zugschlus.de/archives/585-exim4-vs.-OpenSSL-vs.-GnuTLS.html http://blog.josefsson.org/2007/11/09/response-to-gnutls-in-exim-debate/ > 512 bits DH probably allows passive attacks, so IMHO it's unsuitable > even if the peer's certificate isn't validated in some way (because > like strong DH, this still provides security against passive > eavesdroppers). It is a fig leaf but still better than transporting email en clair. --srs
Bug#684340: exim tls fails: Diffie-Hellman prime too short
Package: exim4 Version: 4.80-7 Followup-For: Bug #684340 This issue is still around in 4.80-7 on wheezy. Longish thread on postfix-users as well, with an exim developer (Phil Pennock) discussing this bug with Wietse and Viktor Dukhovni. 66_enlarge-dh-parameters-size.dpatch in gnutls is the issue cause, forcing high Diffie Hellman primes to be required. http://postfix.1071664.n5.nabble.com/Exim-DH-GnuTLS-interop-tp61003p61097.html http://postfix.1071664.n5.nabble.com/Exim-DH-GnuTLS-interop-tp61003p61100.html Possibly good crypto but extremely bad for interoperability, and obviously ends up in a lot of email being sent out unencrypted / cleartext when at least a base level of TLS should have been available and usable. Setting tls_dh_min_bits=512 in remote_smtp does help mitigate it. If you use a monolithic config rather than a split config, and have it persist across releases once the config is stabilized .. thanks --srs -- Package-specific info: Exim version 4.80 #2 built 02-Jan-2013 19:40:19 Copyright (c) University of Cambridge, 1995 - 2012 (c) The Exim Maintainers and contributors in ACKNOWLEDGMENTS file, 2007 - 2012 Berkeley DB: Berkeley DB 5.1.29: (October 25, 2011) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning DKIM Old_Demime Lookups (built-in): lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmjz dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0 Size of off_t: 8 Configuration file is /etc/exim4/exim4.conf # /etc/exim4/update-exim4.conf.conf # # Edit this file and /etc/mailname by hand and execute update-exim4.conf # yourself or use 'dpkg-reconfigure exim4-config' # # Please note that this is _not_ a dpkg-conffile and that automatic changes # to this file might happen. The code handling this will honor your local # changes, so this is usually fine, but will break local schemes that mess # around with multiple versions of the file. # # update-exim4.conf uses this file to determine variable values to replace # the DEBCONFsomethingDEBCONF strings in the configuration template files. # # Most settings found in here do have corresponding questions in the # Debconf configuration, but not all of them. # # This is a Debian specific file dc_eximconfig_configtype='none' dc_other_hostnames='frodo.hserus.net' dc_local_interfaces='' dc_readhost='' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='' CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='' dc_mailname_in_oh='true' dc_localdelivery='mail_spool' mailname:frodo.hserus.net -- System Information: Debian Release: 7.1 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 3.2.0-4-686-pae (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8) Shell: /bin/sh linked to /bin/dash Versions of packages exim4 depends on: ii debconf [debconf-2.0] 1.5.49 ii exim4-base 4.80-7 ii exim4-daemon-heavy 4.80-7 exim4 recommends no packages. exim4 suggests no packages. -- debconf information: exim4/drec: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#624670: exim4 dkim plugin - % in dkim signature logged to paniclog
Package: exim4 Version: 4.72-6 Severity: normal Exim wrongly interprets % in a dkim sig, and logs to the paniclog This issue has been reported upstream to the exim maintainers and a fix pushed http://bugs.exim.org/show_bug.cgi?id=1106 thanks --srs -- Package-specific info: Exim version 4.72 #1 built 31-Jan-2011 19:18:08 Copyright (c) University of Cambridge, 1995 - 2007 Berkeley DB: Berkeley DB 4.8.30: (April 9, 2010) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning DKIM Old_Demime Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0 Size of off_t: 8 GnuTLS compile-time version: 2.8.6 GnuTLS runtime version: 2.8.6 Configuration file is /etc/exim4/exim4.conf # /etc/exim4/update-exim4.conf.conf # # Edit this file and /etc/mailname by hand and execute update-exim4.conf # yourself or use 'dpkg-reconfigure exim4-config' # # Please note that this is _not_ a dpkg-conffile and that automatic changes # to this file might happen. The code handling this will honor your local # changes, so this is usually fine, but will break local schemes that mess # around with multiple versions of the file. # # update-exim4.conf uses this file to determine variable values to replace # the DEBCONFsomethingDEBCONF strings in the configuration template files. # # Most settings found in here do have corresponding questions in the # Debconf configuration, but not all of them. # # This is a Debian specific file dc_eximconfig_configtype='none' dc_other_hostnames='frodo.hserus.net' dc_local_interfaces='' dc_readhost='' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='' CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='' dc_mailname_in_oh='true' dc_localdelivery='mail_spool' mailname:frodo.hserus.net -- System Information: Debian Release: 6.0.1 APT prefers stable APT policy: (500, 'stable') Architecture: i386 (i686) Kernel: Linux 2.6.32-5-686 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8) Shell: /bin/sh linked to /bin/dash Versions of packages exim4 depends on: ii debconf [debconf-2.0] 1.5.36.1 Debian configuration management sy ii exim4-base4.72-6 support files for all Exim MTA (v4 ii exim4-daemon-heavy4.72-6 Exim MTA (v4) daemon with extended exim4 recommends no packages. exim4 suggests no packages. -- debconf information: exim4/drec: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#564832: exim4-daemon-heavy: exim4-base 4.71.3 - start and stop runlevels changed, warnings ..
Marc Haber [24/01/10 16:36 +0100]: It is not necessary to modify the init script to override these settings, just override them from /etc/default/exim4. Which I did, already once I remembered. Didnt modify the initscript back to the default though. Both those files say 15m now. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#564832: exim4-daemon-heavy: exim4-base 4.71.3 - start and stop runlevels changed, warnings ..
Andreas Metzler [24/01/10 16:11 +0100]: On 2010-01-12 Suresh Ramasubramanian wrote: Package: exim4-daemon-heavy Version: 4.71-3 Severity: important Doing an apt-get dist-upgrade to the latest exim4-daemon-heavy [...] Was this a dist-upgrade from lenny? nope. fresh squeeze install. the exim.conf is carried over from a very old 4.x version - originally from the earliest 4.x versions in fact - (across freebsd and then ubuntu before squeeze) and is monolithic, not configured using debconf. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#564832: exim4-daemon-heavy: exim4-base 4.71.3 - start and stop runlevels changed, warnings ..
Andreas Metzler [24/01/10 16:18 +0100]: Ok. Would you mind sending it to the bts, so we have a complete file when I re-assign to insserv. Below. Only change is QUEUEINTERVAL was changed to 15m from the default 30m srs #! /bin/sh # /etc/init.d/exim4 # # Written by Miquel van Smoorenburg . # Modified for Debian GNU/Linux by Ian Murdock . # Modified for exim by Tim Cutts # Modified for exim4 by Andreas Metzler # and Marc Haber ### BEGIN INIT INFO # Provides: exim4 # Required-Start:$remote_fs $syslog $named $network $time # Required-Stop: $remote_fs $syslog $named $network # Should-Start: postgresql mysql clamav-daemon greylist spamassassin # Should-Stop: postgresql mysql clamav-daemon greylist spamassassin # Default-Start: 2 3 4 5 # Default-Stop: 0 1 6 # Short-Description: exim Mail Transport Agent # Description: exim is a Mail Transport agent ### END INIT INFO set -e if [ -r "/lib/lsb/init-functions" ]; then . /lib/lsb/init-functions else echo "E: /lib/lsb/init-functions not found, lsb-base (>= 3.0-6) needed" exit 1 fi if [ -n "$EX4DEBUG" ]; then echo "now debugging $0 $@" set -x fi LANG=C export LANG #read default file QUEUERUNNER='combined' QUEUEINTERVAL='15m' UPEX4OPTS='' PIDFILE="/var/run/exim4/exim.pid" QRPIDFILE="/var/run/exim4/eximqr.pid" [ -f /etc/default/exim4 ] && . /etc/default/exim4 upex4conf() { UPEX4CONF="update-exim4.conf" OLDIFS="$IFS" IFS=: for p in $PATH; do if [ -x "$p/$UPEX4CONF" ]; then IFS="$OLDIFS" $p/$UPEX4CONF $UPEX4OPTS return 0 fi done IFS="$OLDIFS" } # Exit if exim runs from /etc/inetd.conf if [ -f /etc/inetd.conf ] && grep -E -q '^[[:space:]]*((\*|[[:alnum:].-]+):)?smtp[[:space:]]' /etc/inetd.conf then upex4conf exit 0 fi DAEMON="/usr/sbin/exim4" NAME="exim4" ##test -x $DAEMON || exit 0 test -x /usr/lib/exim4/exim4 || exit 0 # this is from madduck on IRC, 2006-07-06 # There should be a better possibility to give daemon error messages # and/or to log things log() { case "$1" in [[:digit:]]*) success=$1; shift;; *) :;; esac log_action_begin_msg "$1"; shift log_action_end_msg ${success:-0} "$*" } start_exim() { [ -e /var/run/exim4 ] || \ install -d -oDebian-exim -gDebian-exim -m750 /var/run/exim4 case ${QUEUERUNNER} in combined) start_daemon -p "$PIDFILE" \ "$DAEMON" -bd "-q${QFLAGS}${QUEUEINTERVAL}" \ ${COMMONOPTIONS} \ ${QUEUERUNNEROPTIONS} \ ${SMTPLISTENEROPTIONS} log_progress_msg "exim4" ;; separate) start_daemon -p "$PIDFILE" \ "$DAEMON" -bd \ ${COMMONOPTIONS} \ ${SMTPLISTENEROPTIONS} log_progress_msg "exim4_listener" start_daemon -p "$QRPIDFILE" \ "$DAEMON" -oP $QRPIDFILE \ "-q${QFLAGS}${QUEUEINTERVAL}" \ ${COMMONOPTIONS} \ ${QUEUERUNNEROPTIONS} log_progress_msg "exim4_queuerunner" ;; queueonly) start_daemon -p "$QRPIDFILE" \ "$DAEMON" -oP $QRPIDFILE \ "-q${QFLAGS}${QUEUEINTERVAL}" \ ${COMMONOPTIONS} \ ${QUEUERUNNEROPTIONS} log_progress_msg "exim4_queuerunner" ;; no|ppp) start_daemon -p "$PIDFILE" \ "$DAEMON" -bd \ ${COMMONOPTIONS} \ ${SMTPLISTENEROPTIONS} log_progress_msg "exim4_listener" ;; nodaemon) ;; esac } stop_exim() { # we try to kill eximqr and exim SMTP listener, no matter what # ${QUEUERUNNER} is set to, we could have switched since starting. if [ -f "$QRPIDFILE" ]; then killproc -p "$QRPIDFILE" "$DAEMON" log_progress_msg "exim4_queuerunner" fi if [ -f "$PIDFILE" ]; then killproc -p "$PIDFILE" "$DAEMON" log_progress_msg "exim4_listener" fi } reload_exim() { case ${QUEUERUNNER} in combined|no|ppp) killproc -p "$PIDFILE" "$DAEMON" -HUP log_progress_msg "exim4" ;; separate) killproc -p "$PIDFILE" "$DAEMON" -HUP log_progress_msg "exim4_listener" killproc -p "$QRPIDFILE" "$DAEMON" -HUP log_progress_msg "exim4_queuerunner" ;; esac } kill_all_exims() { SIG="${1:-TERM}" for pid in $(pidof $NAME); do if [ "$(readlink /proc/$pid/root)" = "/" ]; then kill -$SIG $pid fi done } status() { # the exit value of this function reflects the status of the SMTP # service. Output shows the status of the queue runner as well. SMTPNAME="SMTP listener daemon" QRNAME="separate queue runner daemon" if [ "${QUEUERUNNER}" = "combined" ]; then SMTPNAME="combined SMTP listener and queue runner daemon" fi log_action_begin_msg "checking $QRNAME" if pidofproc -p "$QRPIDFILE" >/dev/null; then log_action_end_msg 0 "running" else if [ -e "$QRPIDFILE" ]; then log_action_end_msg 1 "$QRNAME failed" else log_action_end_msg 0 "not running" fi fi log_action_begin_msg "checking $SMTPNAME" if pidofproc -p "$PIDFILE" >/dev/null;
Bug#564832: exim4-daemon-heavy: exim4-base 4.71.3 - start and stop runlevels changed, warnings ..
/etc/init.d/exim4 was only modified to make the queue interval 15m instead of 30m. What I did next was to execute "update-rc.d exim4 default" and it seems to have stopped throwing that error. Strange. Andreas Metzler [24/01/10 15:58 +0100]: On 2010-01-12 Suresh Ramasubramanian wrote: Package: exim4-daemon-heavy Version: 4.71-3 Severity: important Doing an apt-get dist-upgrade to the latest exim4-daemon-heavy I got these warnings, and then exim4 did not restart automatically. /etc/init.d/exim4 start did start it after that. Setting up exim4-base (4.71-3) ... Installing new version of config file /etc/cron.daily/exim4-base ... insserv: warning: current start runlevel(s) (empty) of script `exim4' overwrites defaults (2 3 4 5). insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `exim4' overwrites defaults (0 1 6). Hello, is /etc/init.d/exim4 locally modified, removing the lsb headers? Either way please add it to the bugreport. thanks, cu andreas -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#564832: exim4-daemon-heavy: exim4-base 4.71.3 - start and stop runlevels changed, warnings ..
* Marc Haber [Tuesday, 12 January 2010 3:58 PM]: > On Mon, Jan 11, 2010 at 10:01:29PM -0800, Suresh Ramasubramanian wrote: >> Setting up exim4-base (4.71-3) ... >> Installing new version of config file /etc/cron.daily/exim4-base ... >> insserv: warning: current start runlevel(s) (empty) of script `exim4' >> overwrites defaults (2 3 4 5). >> insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `exim4' >> overwrites defaults (0 1 6). > > This looks to me like an insserv/sysvinit issue, probably connected to > the new dependency-based boot system. Googling up that error message gives me some other debian bugs .. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=554971 for mdadm (filed against squeeze, nov 2009) - where the error went away and mdadm installed properly after someone on that thread purged hibernate and uswsusp from his system. Stale dependencies - probably. But this is a relatively fresh install of squeeze. Nothing pinned etc. -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#564832: exim4-daemon-heavy: exim4-base 4.71.3 - start and stop runlevels changed, warnings ..
Package: exim4-daemon-heavy Version: 4.71-3 Severity: important Doing an apt-get dist-upgrade to the latest exim4-daemon-heavy I got these warnings, and then exim4 did not restart automatically. /etc/init.d/exim4 start did start it after that. Setting up exim4-base (4.71-3) ... Installing new version of config file /etc/cron.daily/exim4-base ... insserv: warning: current start runlevel(s) (empty) of script `exim4' overwrites defaults (2 3 4 5). insserv: warning: current stop runlevel(s) (0 1 2 3 4 5 6) of script `exim4' overwrites defaults (0 1 6). -- Package-specific info: Exim version 4.71 #1 built 01-Jan-2010 14:03:12 Copyright (c) University of Cambridge, 1995 - 2007 Berkeley DB: Berkeley DB 4.8.26: (December 18, 2009) Support for: crypteq iconv() IPv6 PAM Perl Expand_dlfunc GnuTLS move_frozen_messages Content_Scanning DKIM Old_Demime Lookups: lsearch wildlsearch nwildlsearch iplsearch cdb dbm dbmnz dnsdb dsearch ldap ldapdn ldapm mysql nis nis0 passwd pgsql sqlite Authenticators: cram_md5 cyrus_sasl dovecot plaintext spa Routers: accept dnslookup ipliteral iplookup manualroute queryprogram redirect Transports: appendfile/maildir/mailstore/mbx autoreply lmtp pipe smtp Fixed never_users: 0 Size of off_t: 8 GnuTLS compile-time version: 2.8.5 GnuTLS runtime version: 2.8.5 Configuration file is /etc/exim4/exim4.conf # /etc/exim4/update-exim4.conf.conf # # Edit this file and /etc/mailname by hand and execute update-exim4.conf # yourself or use 'dpkg-reconfigure exim4-config' # # Please note that this is _not_ a dpkg-conffile and that automatic changes # to this file might happen. The code handling this will honor your local # changes, so this is usually fine, but will break local schemes that mess # around with multiple versions of the file. # # update-exim4.conf uses this file to determine variable values to replace # the DEBCONFsomethingDEBCONF strings in the configuration template files. # # Most settings found in here do have corresponding questions in the # Debconf configuration, but not all of them. # # This is a Debian specific file dc_eximconfig_configtype='none' dc_other_hostnames='frodo.hserus.net' dc_local_interfaces='' dc_readhost='' dc_relay_domains='' dc_minimaldns='false' dc_relay_nets='' dc_smarthost='' CFILEMODE='644' dc_use_split_config='false' dc_hide_mailname='' dc_mailname_in_oh='true' dc_localdelivery='mail_spool' mailname:frodo.hserus.net -- System Information: Debian Release: squeeze/sid APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Kernel: Linux 2.6.30-2-686 (SMP w/2 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) (ignored: LC_ALL set to en_US.utf8) Shell: /bin/sh linked to /bin/dash Versions of packages exim4-daemon-heavy depends on: ii debconf [debconf-2.0] 1.5.28 Debian configuration management sy ii exim4-base4.71-3 support files for all Exim MTA (v4 ii libc6 2.10.2-2 GNU C Library: Shared libraries ii libdb4.8 4.8.24-1 Berkeley v4.8 Database Libraries [ ii libgnutls26 2.8.5-2the GNU TLS library - runtime libr ii libldap-2.4-2 2.4.17-2.1 OpenLDAP libraries ii libmysqlclient16 5.1.41-3 MySQL database client library ii libpam0g 1.1.0-4Pluggable Authentication Modules l ii libpcre3 7.8-3 Perl 5 Compatible Regular Expressi ii libperl5.10 5.10.1-8 shared Perl library ii libpq58.4.1-1PostgreSQL C client library ii libsasl2-22.1.23.dfsg1-3 Cyrus SASL - authentication abstra ii libsqlite3-0 3.6.21-2 SQLite 3 shared library exim4-daemon-heavy recommends no packages. exim4-daemon-heavy suggests no packages. -- debconf information: exim4-daemon-heavy/drec: -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade
> Having a compromised key in ~/.ssh/authorized_keys (if that's what it > was) is effectively equivalent to allowing access to that account from > the entire Internet. Obviously. Which is why I found it. Removed it. Told him to reupload it. He seems to have uploaded a new compromised key. Told him about it. srs -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade
Colin Watson [31/05/08 00:31 +0100]: Sure, but that's a problem with *their* machine (i.e. it allows access from unauthorised persons) rather than a problem with your machine. The sshd blacklisting will prevent this problem on their side - you might send them an updated key but you won't be able to log in with it. Not allowed access as much as "found a compromised key in ~/.ssh and warned him". He has another - perfectly good and uncompromised - key he appears to have been using .. srs -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]