Hi,
looking at Max's blacklist it should be clear that they do *not* stick
to ssh-vulnkey(1) format :
" The blacklist file may start with comments, on lines starting
with "#". After these initial comments, it must follow a strict
format:
· All the lines must be exactly the same
On Wed, May 14, 2008 at 05:36:53PM +0100, Colin Watson wrote:
> The problem here is that the package gets inconveniently large ... this
> has to fit on CDs that include openssh-server.
>
> Perhaps openssh-blacklist-extra or something would work.
For a start putting the extra blacklist on the web
On Wed, May 14, 2008 at 05:26:52PM +0200, Gabor Gombas wrote:
> On Wed, May 14, 2008 at 01:38:33PM +0100, Colin Watson wrote:
> > On Wed, May 14, 2008 at 01:47:35PM +0200, Gábor Gombás wrote:
> > > The package only contains a blacklist for 2048-bit RSA keys. There
> > > should be a description how
On Wed, May 14, 2008 at 01:38:33PM +0100, Colin Watson wrote:
> On Wed, May 14, 2008 at 01:47:35PM +0200, Gábor Gombás wrote:
> > The package only contains a blacklist for 2048-bit RSA keys. There
> > should be a description how to obtain/generate the blacklist for other
> > key lengths.
>
> That'
On Wed, May 14, 2008 at 01:47:35PM +0200, Gábor Gombás wrote:
> The package only contains a blacklist for 2048-bit RSA keys. There
> should be a description how to obtain/generate the blacklist for other
> key lengths.
That's called "exploit code", and I'm not willing to give it out yet,
sorry.
-
Package: openssh-blacklist
Version: 0.1.0
Severity: wishlist
Hi,
The package only contains a blacklist for 2048-bit RSA keys. There
should be a description how to obtain/generate the blacklist for other
key lengths.
Gabor
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
6 matches
Mail list logo