Bug#481446: closed by Colin Watson [EMAIL PROTECTED] (Re: Bug#481446: openssh-server: openssh does not start complaining about comprimised keys with new generated keys)

I don't know how you managed it (given that openssh-server depends on a good enough version; perhaps you have it on hold or something?), but that version of libssl0.9.8 is absolutely vulnerable. You need to upgrade to 0.9.8g-9 or newer. I'm having the same problem on 64bit etch - apt-get

Bug#481446: closed by Colin Watson [EMAIL PROTECTED] (Re: Bug#481446: openssh-server: openssh does not start complaining about comprimised keys with new generated keys)

Ugh - sorry for the extra post - but I found bug http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481519 and had the same problem - somewhere I managed to get a testing verion of libssl0.9.8 - a downgrade fixed my problem. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of

Bug#481446: closed by Colin Watson [EMAIL PROTECTED] (Re: Bug#481446: openssh-server: openssh does not start complaining about comprimised keys with new generated keys)

Am Freitag, 16. Mai 2008 11:42 schrieb Debian Bug Tracking System: This is an automatic notification regarding your Bug report which was filed against the openssh-server package: #481446: openssh-server: openssh does not start complaining about comprimised keys with new generated keys It

Bug#481446: closed by Colin Watson [EMAIL PROTECTED] (Re: Bug#481446: openssh-server: openssh does not start complaining about comprimised keys with new generated keys)

On Fri, May 16, 2008 at 11:57:16AM +0200, Michael Schwartzkopff wrote: thanks for the explanation. I understood that my system still creates comprimised keys. I did a full apt-get update and apt-get upgrade. After thank I installed ssh with apt-get install openssh-server openssh-client