Martin Steigerwald schrieb: > Hi! > > This shall be interesting for users of the Debian Etch Images that > Tomasz Chmielewski kindly provides. If the SSH host keys on that image > have been created on Debian Etch, which appears to be likely, or if you > recreted them before below mentioned security update, you should install > the security update - which at least for MIPS is available via aptitude > already - and recreate your SSH host keys: > > rm /etc/ssh/*key* > dpkg-reconfigure openssh-server > > You will get the man in the middle attack warning of course then and need > to remove the old key from ~/.ssh/known_hosts. > > If you use SSL certificates or OpenVPN keys that you created with a buggy > version of openssl you should recreate them also. > > Maybe your website should mention this, Tomasz, until you provide an > updated image. I could create one if I manage to take the time for it, > which might take quite a while. > > Of course this applies to other Debian servers that are connected to the > internet. But as especially those ASUS routers are likely to be connected > to internet it may apply to them (unless you reject SSH from outside via > iptables). Thanks for the tip. I added a link with this info for ASUS (mips) and FSG-3 (arm) Debian base filesystem downloads. -- Tomasz Chmielewski http://wpkg.org |