[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#481860: openssh-server upgrade didn't remove all compromised keys from /etc/ssh

On 2008-05-19 07:26:29 +0100, Colin Watson wrote:
> On Mon, May 19, 2008 at 04:28:46AM +0200, Vincent Lefevre wrote:
> > When I upgraded openssh-server, ssh_host_dsa_key has been replaced
> > because it was compromised, but not ssh_host_rsa_key, but this one
> > was compromised too!
> 
> What does 'grep -i hostkey /etc/ssh/sshd_config' say?

vin:~> grep -i hostkey /etc/ssh/sshd_config
# HostKeys for protocol version 2
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key

-- 
Vincent Lefèvre <vincent@vinc17.org> - Web: <http://www.vinc17.org/>
100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/>
Work: CR INRIA - computer arithmetic / Arenaire project (LIP, ENS-Lyon)
Reply to: