Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator

To: "Steve Suehring" <debiansec@braingia.org>, debian-security@lists.debian.org
Subject: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
From: "John Keimel" <john@keimel.com>
Date: Tue, 13 May 2008 21:37:55 -0400
Message-id: <[🔎] fe374f8d0805131837w72da882fhe2af578f430fc215@mail.gmail.com>
In-reply-to: <[🔎] 20080513231035.GA28630@mail.braingia.org>
References: <87od7az9v4.fsf@mid.deneb.enyo.de> <[🔎] m3fxsmaqul.fsf@neo.luffy.cx> <[🔎] fe374f8d0805131338k285e06b4gb0b5f52c1c9e505a@mail.gmail.com> <[🔎] 200805132253.26553.jluehr@gmx.net> <[🔎] 20080513213525.GA16644@madap.com.ar> <[🔎] 20080513231035.GA28630@mail.braingia.org>

On Tue, May 13, 2008 at 7:10 PM, Steve Suehring <debiansec@braingia.org> wrote:

>  Note that doing either of these will result in host key failures and
>  warnings for any clients attempting to connect to you.  This is
>  especially bad if you have things like rsync over ssh in a cron job.
>  Moral of the story is to remember to update your known_hosts and let
>  your users know that their ssh client of choice may bark at them.
>

This is why we have motd and issue.net ;)

And the pesky users mailing list.

But I'm sure some people will be thankful you reminded them about rsync.

Thanks

Reply to:

References:
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Vincent Bernat <bernat@debian.org>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: "John Keimel" <john@keimel.com>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Jan Luehr <jluehr@gmx.net>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: dererk <dererk@madap.com.ar>
- Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
  - From: Steve Suehring <debiansec@braingia.org>

Prev by Date: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Next by Date: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Previous by thread: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Next by thread: Re: [SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
Index(es):
- Date
- Thread