[Tfug] Debian SSH vulnerability
Andrew Ayre
andy at britishideas.com
Tue May 13 17:36:38 MST 2008
Patching the faulty code doesn't regenerate the SSH keys for you... The
problem is in the application but requires regeneration of all data from
that application...
BTW it is possible to get truly random values, but requires some
specialised hardware (like an ADC and untuned antenna for example).
Andy
William Stott wrote:
> No central patch management system for Debian?
>
> ----- Original Message -----
> From: Matt Jacob <m at mattjacob.com>
> To: William Stott
> Cc: tfug at tfug.org <tfug at tfug.org>
> Sent: Tue May 13 17:11:22 2008
> Subject: Re: [Tfug] Debian SSH vulnerability
>
> William Stott wrote:
> > Nothing in computer land is truly random anyways...
>
> Yeah, but for those of us who manage Debian boxes, this is a royal PITA
> and something I will literally spend several days fixing.
>
> Matt
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Tucson Free Unix Group - tfug at tfug.org
> Subscription Options:
> http://www.tfug.org/mailman/listinfo/tfug_tfug.org
--
Andy
PGP Key ID: 0xDC1B5864
More information about the tfug
mailing list