The following accounts on LEAF had compromised keys:
hasso Hasso Tepper
mayurb Mayur Bhosle
thacker Nirmal Thacker
I have disabled the keys in question and I am CCing this to the
account holders as well. Please generate new keys and and email me
(I'll try not to be fooled by hackers faking your from addresses :-)).
:This just in: if you were going to use ssh-vulnkey, debian just announced they
:have been told about (and addressed) another shortcoming of the tool:
:
:http://lists.debian.org/debian-security-announce/2008/msg00155.html
:
:Aggelos
I manually checked all the authorized_keys files and none of them had
any options, so I think the scanner found them all.
-Matt
Matthew Dillon
<[EMAIL PROTECTED]>
