Re: ssh-vulnkey and authorized_keys

To: Alex Samad <alex@samad.com.au>
Subject: Re: ssh-vulnkey and authorized_keys
From: Chris Adams <cadams@salk.edu>
Date: Thu, 15 May 2008 19:43:13 -0400
Message-id: <[🔎] 0BE0C8B2-23FC-4CE2-A5C0-AE460428CAB9@salk.edu>
In-reply-to: <[🔎] 20080515222550.GE19648@samad.com.au>
References: <[🔎] 200805150952.10853.vladislav.kurz@webstep.net> <[🔎] 20080515222550.GE19648@samad.com.au>


On May 15, 2008, at 6:25 PM, Alex Samad wrote:

is there away to check x509 certs with these tools ?

Yes - the wiki has one (http://wiki.debian.org/SSLkeys) but you mightprefer the openssl-blacklist package which Ubuntu prepared:


https://launchpad.net/ubuntu/+source/openssl-blacklist/

It runs out of the box on Debian and if you edit debian/control tochange the openssl dependency from the Ubuntu version(0.9.8g-4ubuntu3.1) to the Debian version (0.9.8c-4etch3) you can dpkg-buildpackage it and deploy it to multiple systems. I used it like thisto flush out Apache keys:


sudo find /etc/ -xdev -type f -name \*.key -exec openssl-vulnkey {} \;

Chris

Attachment: smime.p7s
Description: S/MIME cryptographic signature

Reply to:

Follow-Ups:
- Plans to deploy openssl-blacklist in Debian? (was: Re: ssh-vulnkey and authorized_keys)
  - From: "Felipe Augusto van de Wiel (faw)" <faw@funlabs.org>
- Re: ssh-vulnkey and authorized_keys
  - From: Alex Samad <alex@samad.com.au>

References:
- ssh-vulnkey and authorized_keys
  - From: Vladislav Kurz <vladislav.kurz@webstep.net>
- Re: ssh-vulnkey and authorized_keys
  - From: Alex Samad <alex@samad.com.au>

Prev by Date: Re: ssh-vulnkey and authorized_keys
Next by Date: Plans to deploy openssl-blacklist in Debian? (was: Re: ssh-vulnkey and authorized_keys)
Previous by thread: Re: ssh-vulnkey and authorized_keys
Next by thread: Plans to deploy openssl-blacklist in Debian? (was: Re: ssh-vulnkey and authorized_keys)
Index(es):
- Date
- Thread