[debian-non-standard] Fwd: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator

Martin Steigerwald Martin at lichtvoll.de
Tue May 13 21:04:51 CEST 2008


Am Dienstag 13 Mai 2008 schrieb Martin Steigerwald:
> Hi!
>
> This shall be interesting for users of the Debian Etch Images that
> Tomasz Chmielewski kindly provides. If the SSH host keys on that image
> have been created on Debian Etch, which appears to be likely, or if you
> recreted them before below mentioned security update, you should
> install the security update - which at least for MIPS is available via
> aptitude already - and recreate your SSH host keys:
>
> rm /etc/ssh/*key*
> dpkg-reconfigure openssh-server

As I understand it is even more important is to recreate SSH client keys 
that you put into the authorized_keys file of your ASUS, Freecom, Linksys 
device - if they were created with a broken openssl version in place.

Ciao,
-- 
Martin 'Helios' Steigerwald - http://www.Lichtvoll.de
GPG: 03B0 0D6C 0040 0710 4AFA  B82F 991B EAAC A599 84C7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 189 bytes
Desc: This is a digitally signed message part.
URL: <http://lists.wpkg.org/pipermail/debian-non-standard/attachments/20080513/781c7c48/attachment-0002.sig>


More information about the debian-non-standard mailing list