Re: Debian OpenSSL Weak Key Detector (dowkd) version 0.9
* Florian Weimer:
> I've just uploaded a new version of dowkd.pl to the usual place:
>
> <http://security.debian.org/project/extra/dowkd/dowkd.pl.gz>
> <http://security.debian.org/project/extra/dowkd/dowkd.pl.gz.asc>
> (OpenPGP signature)
I've just released version 0.9.3, which contains the following changes
compared to the May 18 version (which was 0.9):
v0.9.3
Add OpenSSH-RSA1-2048-*-LE blacklists
v0.9.2
Use one ssh-keyscan invocation to gather host keys
Add "quick" host check command
Report consecutive unparsable lines only once
Update help message; mention OpenSSH rsa1 2048 bit support
Allow setting the destination port in "dowkd host"
Display error if the script does not contain any blacklist
Regenerate database upon crash (by setting the DB version last)
Create a rsync-optimized compressed Perl script
v0.9.1
Add a ChangeLog to the compiled Perl script
Add data/OpenSSH-RSA-4096-*-LE blacklist
Fix missing OpenSSH-RSA1-1024-64-LE blacklist
There was some inconsistency in the blacklist data and the help message,
but this has been fixed.
Reply to: