Re: ssh-vulnkey and authorized_keys
On Thu, May 15, 2008 at 09:52:10AM +0200, Vladislav Kurz wrote:
> It would be also helpful to print the line as dokuwd.pl does.
> Is there any repository with newer versions of ssh-vulnkey or dokuwd.pl ?
Try the Ubuntu version which contains a fixed ssh-vulnkey (
http://www.ubuntu.com/usn/usn-612-5 ):
"Matt Zimmerman discovered that entries in ~/.ssh/authorized_keys with
options (such as "no-port-forwarding" or forced commands) were ignored
by the new ssh-vulnkey tool introduced in OpenSSH (see USN-612-2). This
could cause some compromised keys not to be listed in ssh-vulnkey's
output."
I think, and hope, Debian openssh packages will be updated too.
-Mikko
Reply to: