Bug#481860: openssh-server upgrade didn't remove all compromised keys from /etc/ssh
On 2008-05-19 07:26:29 +0100, Colin Watson wrote:
> On Mon, May 19, 2008 at 04:28:46AM +0200, Vincent Lefevre wrote:
> > When I upgraded openssh-server, ssh_host_dsa_key has been replaced
> > because it was compromised, but not ssh_host_rsa_key, but this one
> > was compromised too!
>
> What does 'grep -i hostkey /etc/ssh/sshd_config' say?
vin:~> grep -i hostkey /etc/ssh/sshd_config
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
--
Vincent Lefèvre <vincent@vinc17.org> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / Arenaire project (LIP, ENS-Lyon)
Reply to: