
Re: Packages to remove from frozen



On Tue, Mar 07, 2000 at 02:36:18PM +0100, Jean Charles Delepine wrote:
> Michael Stone <mstone@debian.org> écrivait (wrote) :
> > On Mon, Mar 06, 2000 at 08:37:06PM -0500, Ben Collins wrote:
> > > OpenSSH is compatible with the original SSH. I use my Palm Vx with TopGun
> > > ssh to login to OpenSSH servers all the time.
> > 
> > Hmm. Why do I get this stupid message when I log into certain servers:
> > Warning: Server lies about size of server host key: actual size is 1023
> > bits vs. announced 1024.
> > Warning: This may be due to an old implementation of ssh.
> 
> /usr/share/doc/UPGRADING :
> 4. Warning messages about key lengths
> 
> Commercial SSH's ssh-keygen program contained a bug which caused it to
> occasionally generate RSA keys which had their Most Significant Bit
> (MSB) unset. Such keys were advertised as being full-length, but are
> actually only half as secure.
> 
> OpenSSH will print warning messages when it encounters such keys. To
> rid yourself of these messages, edit your known_hosts files and replace
> the incorrect key length (usually "1024") with the correct key length
> (usually "1023").

I don't care whether it's documented. I do care if I get a lot of
questions from users who don't understand why they get error messages
sometimes when going to a host that has always worked. 

-- 
Mike Stone
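
The check behind the warning quoted above, as an added example that is not part of the original message or of OpenSSH's code: it reads SSH protocol 1 `known_hosts` entries (`hosts bits exponent modulus`), compares the declared key length with the modulus's real bit length, and rewrites the length field the way the quoted UPGRADING text advises. The function names, host names and sample integers are constructed for illustration.

```python
# Added example: compare the declared and actual modulus size of SSH
# protocol 1 RSA entries ("hosts bits exponent modulus") in known_hosts.

def parse_rsa1_line(line):
    """Return (hosts, declared_bits, modulus) or None for other line types."""
    fields = line.split()
    if len(fields) < 4 or fields[0].startswith("#"):
        return None
    hosts, bits, exponent, modulus = fields[:4]
    if not (bits.isdecimal() and exponent.isdecimal() and modulus.isdecimal()):
        return None  # e.g. "host ssh-rsa AAAA..." protocol 2 entries
    return hosts, int(bits), int(modulus)

def audit(lines):
    """List (line_number, hosts, declared_bits, actual_bits) for mismatches."""
    findings = []
    for number, line in enumerate(lines, 1):
        parsed = parse_rsa1_line(line)
        if parsed is None:
            continue
        hosts, declared, modulus = parsed
        actual = modulus.bit_length()  # position of the most significant set bit
        if actual != declared:
            findings.append((number, hosts, declared, actual))
    return findings

def fix_line(line):
    """Rewrite the bits field to the modulus's real length; else return as is."""
    parsed = parse_rsa1_line(line)
    if parsed is None or parsed[1] == parsed[2].bit_length():
        return line
    fields = line.split()
    fields[1] = str(parsed[2].bit_length())
    return " ".join(fields)

# Constructed sample entries: the integers only have the right bit lengths,
# they are not real RSA moduli, and the host names are placeholders.
SAMPLE = [
    f"good.example.org 1024 35 {(1 << 1023) | 1}",
    f"old.example.org 1024 37 {(1 << 1022) | 1}",  # MSB unset: 1023 bits
    "# comment line",
    "new.example.org ssh-rsa AAAAB3NzaC1yc2E= constructed",
]

if __name__ == "__main__":
    for number, hosts, declared, actual in audit(SAMPLE):
        print(f"line {number}: {hosts} declares {declared} bits, modulus has {actual}")
```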
