Bug#481106: openssh-server: Please add ssh-vulnkey to help test for bad keys

To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: Bug#481106: openssh-server: Please add ssh-vulnkey to help test for bad keys
From: Karl Schmidt <karl@xtronics.com>
Date: Tue, 13 May 2008 13:05:13 -0500
Message-id: <[🔎] 20080513180513.5812.3681.reportbug@malaysia.xtronics.network>
Reply-to: Karl Schmidt <karl@xtronics.com>, 481106@bugs.debian.org

Package: openssh-server
Version: 1:4.3p2-9
Severity: important

The fix for bug 363516 fails to include ssh-vulnkey that is in the ubuntu version.

(See http://www.ubuntu.com/usn/usn-612-2 )

The seriousness of this bug means that a method for testing for the vulenability 
is important to include with the fix.

Perhaps it would be a good idea to run ssh-vulnkey as part of the update process?

Reply to:

Follow-Ups:
- Bug#481106: marked as done (openssh-server: Please add ssh-vulnkey to help test for bad keys)
  - From: owner@bugs.debian.org (Debian Bug Tracking System)

Prev by Date: Accepted openssh 1:4.7p1-9 (source all i386)
Next by Date: upload the latest openssh to security.debian.org?
Previous by thread: Re: Accepted openssh 1:4.7p1-9 (source all i386)
Next by thread: Bug#481106: marked as done (openssh-server: Please add ssh-vulnkey to help test for bad keys)
Index(es):
- Date
- Thread