Re: openssh remote upgrade procedure?
Michel Messerschmidt schrieb:
> 1) Create a new temporary keypair on a non-vulnerable system and
> protect the key with a good passphrase.
> 2) Install the temporary public key on the vulnerable system *before*
> the upgrade. Because it is no weak key, it won't be blacklisted.
> Note: You rely on the pasphrase protection of the key, because you
> currently have no secured connection to the vulnerable system.
I don't understand that remark. You have to put the *public* key on
the vulnerable system - that key does not need any protection, as it
is, indeed, public.
-thh
Reply to: