I got connections from an unknown IP to openssh today. openssh logged:
Public key ... blacklisted (see ssh-vulnkey(1))
19 times, each time with a different key and then ssh would not respond
any more and connections to it froze like so:
$ ssh [EMAIL PROTECTED] -v
OpenSSH_4.3p2 Debian-9etch1,
On Tue, May 20, 2008 at 12:52:54AM -0600, Michael Loftis wrote:
MaxStartups.
Ah. That'd do it. First time I hit that. Thanks and sorry for the noise.
On the down side it seems people are already starting to exploit the
blacklisted keys.
--
Police noticed some rustling sounds from Linn's
MaxStartups.
--On May 20, 2008 4:15:33 PM +1000 CaT [EMAIL PROTECTED] wrote:
I got connections from an unknown IP to openssh today. openssh logged:
Public key ... blacklisted (see ssh-vulnkey(1))
19 times, each time with a different key and then ssh would not respond
any more and connections
I administer a couple of remote Debian servers and must say the latest
security update has left me stranded. My only access to these machines
was over SSH, using keys. So I logged in the other night and this was
the series of events:
+ I enabled password authentication in sshd_config
On Tue, 20 May 2008 08:20:04 +0100
Alexandros Papadopoulos [EMAIL PROTECTED] wrote:
I administer a couple of remote Debian servers and must say the latest
security update has left me stranded. My only access to these machines
was over SSH, using keys. So I logged in the other night and this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Alexandros Papadopoulos said:
+ I enabled password authentication in sshd_config
(PasswordAuthentication yes)
+ aptitude update aptitude dist-upgrade, which updated the packages
and restarted the openssh daemon
+ shortly thereafter my SSH
On May 19, 2008, at 9:52 PM, Jan Tomasek Florian Weimer wrote:
I do not trust dowkd.pl script because
it lacks info where keys were taken.
...
We did not want to publish this information in order to give system.
Do bear in mind that the public key consists of 1) the modulus and 2)
the
On Tue, May 20, 2008 at 08:20:04AM +0100, Alexandros Papadopoulos wrote:
+ I enabled password authentication in sshd_config (PasswordAuthentication
yes)
+ aptitude update aptitude dist-upgrade, which updated the packages
and restarted the openssh daemon
+ shortly thereafter my SSH
On Tue, 2008-05-20 at 08:20 +0100, Alexandros Papadopoulos wrote:
I administer a couple of remote Debian servers and must say the latest
security update has left me stranded. My only access to these machines
was over SSH, using keys. So I logged in the other night and this was
the series of
The Ubuntu openssl maintainers released an openssl-blacklist equivalent
to the openssh-blacklist package. It includes a blacklist with
compromised openssl key hashes and a program with an openssl-vulnkey
program suitable to test your openssl key files.
I think it would be a good thing to
Hi Alberto,
Alberto Gonzalez Iniesta wrote:
On Mon, May 19, 2008 at 01:13:46PM +0200, Christoph Martin wrote:
The Ubuntu openssl maintainers released an openssl-blacklist equivalent
to the openssh-blacklist package. It includes a blacklist with
compromised openssl key hashes and a program
On Tue, May 20, 2008 at 04:48:43PM +0200, Christoph Martin wrote:
Hi Alberto,
Alberto Gonzalez Iniesta wrote:
On Mon, May 19, 2008 at 01:13:46PM +0200, Christoph Martin wrote:
The Ubuntu openssl maintainers released an openssl-blacklist equivalent
to the openssh-blacklist package. It
Hi Alberto,
Alberto Gonzalez Iniesta wrote:
The package is being built by its original author (Jamie) and everything
got started when the OpenVPN maintainer (me) decided to add secret/key
file validation like the one on the Ubuntu package. Since those
validations required
Hi Christoph,
On Tue, May 20, 2008 at 05:56:56PM +0200, Christoph Martin wrote:
Alberto Gonzalez Iniesta wrote:
The package is being built by its original author (Jamie) and everything
got started when the OpenVPN maintainer (me) decided to add secret/key
file validation like the one on
Unfortunately my question has still not been answered.
1. What's the information in /usr/share/doc/openssh-server that is so
enlightening? I don't have access to a debian machine right now so
would be nice to know. Tried downloading from
http://packages.debian.org/etch/openssh-server to no avail.
I will be out of the office from 05/20/2008 and will not
return until 05/22/2008.
Kind regards
Amir
OoO In the early evening of Tuesday 20 May 2008, around 21:45, Alexandros
Papadopoulos [EMAIL PROTECTED] said:
3. Testing to see if you can still get on to a server is exactly what
I would have done, if my connection had not been killed by the server
itself a few seconds after upgrading the
-Original Message-
From: [EMAIL PROTECTED] (Thijs Kinkhorst)
Sent: Tue, 20 May 2008 19:32:39 +0200 (CEST)
To: [EMAIL PROTECTED]
Received: Tue, 20 May 2008 19:32:39 +0200 (CEST)
Subject: [SECURITY] [DSA 1583-1] New gnome-peercast packages fix several
vulnerabilities
-BEGIN PGP
On Tue, 20 May 2008 20:45:20 +0100
Alexandros Papadopoulos [EMAIL PROTECTED] wrote:
3. Testing to see if you can still get on to a server is exactly what
I would have done, if my connection had not been killed by the server
itself a few seconds after upgrading the packages. This happened on
OoO On this cloudy night of Wednesday 21 May 2008, around 01:32, Kees
Cook [EMAIL PROTECTED] said:
* Add empty DSA-2048, since there weren't any bad ones.
How is it possible?
Thanks.
--
BOFH excuse #63:
not properly grounded, please bury computer