Ubuntu-everyone: Your ssh keys should be considered compromised « Steven Harms

Ubuntu-everyone: Your ssh keys should be considered compromised

Just read this and the security release. There is a checker provided in the security release note, but at any rate, your ssh key was probably generated incorrectly with respect to random time (mine were). Joy.

Update: Ubuntu Security Advisory.

Warning! Your ssh keys will stop working:
“Once the update is applied, weak user keys will be automatically rejected where possible (though they cannot be detected in all cases). If you are using such keys for user authentication, they will immediately stop working and will need to be replaced (see step 3). “

Related posts:

This entry was posted on May 13, 2008, 11:22 am and is filed under General. You can follow any responses to this entry through RSS 2.0. You can leave a response, or trackback from your own site.

1 Comment (and 2 trackbacks)

Pingback: Ubuntu users: You need to update your SSH keys « I’m Just an Avatar
Pingback: Debian und die OpenSSL-Schwachstelle - sharkBLOG
#1 by asdfasf on May 15, 2008 - 9:04 pm

Quote

Not everyone. Dapper is unaffected (as far as I can tell).