On Tue, 2008-05-13 at 18:18 +0100, Mac wrote: > I haven't seen this mentioned here, so in case anyone is affected and > hasn't seen the advisory... > > https://lists.ubuntu.com/archives/ubuntu-security-announce/2008-May/000705.html >
Here's a good "how to" guide for resolving this:- http://hantslug.org.uk/lurker/message/20080513.191226.269a6c44.en.html " As far as I can tell, the best way of fixing your ssh keys is: - Install the update - Delete the following files: ~/.ssh/id_* ~/.ssh/authorized_keys /etc/ssh/ssh_host_dsa_key* /etc/ssh/ssh_host_rsa_key* - Generate new host keys: sudo dpkg-reconfigure -plow openssh-server (Thanks to Adrian for pointing out the easy way) - Generate new personal keys: ssh-keygen -t rsa -b 4096 - Restart the ssh daemon Do this on all machines. Don't log out after deleting the host keys (in /etc/ssh) as you won't be able to log back in by ssh. As a precaution, I've also been regenerating the DH key exchange moduli, which are kept in /etc/ssh/moduli. That's documented near the bottom of the ssh-keygen man page. I haven't looked at the X.509 situation yet. " Cheers Al.
signature.asc
Description: This is a digitally signed message part
-- [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-uk https://wiki.ubuntu.org/UKTeam/
