On 2008-06-04 16:59:09 +0200, Raphael Hertzog wrote:
non-default because ssh-keygen does generate 2048 bits keys for
RSA by default since quite some time and the postinst doesn't
give an explicit size when it creates the keys.
openssh (1:4.2p1-1) unstable; urgency=low
[...]
- Increase
On Thu, 05 Jun 2008, Vincent Lefevre wrote:
I installed the machine on 2008-01-30 (from a CD) then upgraded
to sid. The dpkg log says concerning the upgrades:
What CD? An Etch CD?
2008-01-30 23:49:03 upgrade libssl0.9.8 0.9.8c-4etch1 0.9.8g-4
2008-01-31 00:50:15 upgrade openssh-server
Processing commands for [EMAIL PROTECTED]:
severity 481860 normal
Bug#481860: openssh-server upgrade didn't remove all compromised keys from
/etc/ssh
Severity set to `normal' from `grave'
thanks
Stopping processing here.
Please contact me if you need assistance.
Debian bug tracking system
severity 481860 normal
thanks
On 2008-06-05 14:33:55 +0200, Raphael Hertzog wrote:
On Thu, 05 Jun 2008, Vincent Lefevre wrote:
I installed the machine on 2008-01-30 (from a CD) then upgraded
to sid. The dpkg log says concerning the upgrades:
What CD? An Etch CD?
Sorry, I mixed up with
On Mon, 19 May 2008, Vincent Lefevre wrote:
On another Debian machihe, I can see that ssh-vulnkey outputs
Unknown (no blacklist information) for the RSA key, probably
because openssh-blacklist-extra isn't installed on this machine.
The description field of openssh-blacklist-extra says:
list
On Mon, May 19, 2008 at 04:28:46AM +0200, Vincent Lefevre wrote:
When I upgraded openssh-server, ssh_host_dsa_key has been replaced
because it was compromised, but not ssh_host_rsa_key, but this one
was compromised too!
What does 'grep -i hostkey /etc/ssh/sshd_config' say?
--
Colin Watson
On 2008-05-19 07:26:29 +0100, Colin Watson wrote:
On Mon, May 19, 2008 at 04:28:46AM +0200, Vincent Lefevre wrote:
When I upgraded openssh-server, ssh_host_dsa_key has been replaced
because it was compromised, but not ssh_host_rsa_key, but this one
was compromised too!
What does 'grep -i
On 2008-05-19 10:35:58 +0200, Vincent Lefevre wrote:
On 2008-05-19 07:26:29 +0100, Colin Watson wrote:
On Mon, May 19, 2008 at 04:28:46AM +0200, Vincent Lefevre wrote:
When I upgraded openssh-server, ssh_host_dsa_key has been replaced
because it was compromised, but not ssh_host_rsa_key,
Package: openssh-server
Version: 1:4.7p1-10
Severity: grave
Tags: security
Justification: user security hole
When I upgraded openssh-server, ssh_host_dsa_key has been replaced
because it was compromised, but not ssh_host_rsa_key, but this one
was compromised too!
$ ll /etc/ssh
-rw-r--r-- 1 root
9 matches
Mail list logo