[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator

On Tue, May 13, 2008 at 3:52 PM, Jan Luehr <jluehr@gmx.net> wrote:

>  > For the last question, I see several solutions:
>  >  - the user has to read the DSA and handle it himself
>
>  Since some keys are generated automatically, (e.g. ssh host keys) users will
>  have to regenerate keys,they haven't generated in the first place and might
>  not be aware of their existens.
>  That's bad.
>


The only instructions I've seen for regenerating host keys include
shutting down the sshd server. This is impossible in some servers I
have, so is there another way?
Reply to: