Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade

To: cjwatson@debian.org
Cc: 483756@bugs.debian.org, suresh@hserus.net
Subject: Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade
From: jidanni@jidanni.org
Date: Sat, 31 May 2008 08:18:46 +0800
Message-id: <[🔎] 87lk1r1g2h.fsf@jidanni.org>
Reply-to: jidanni@jidanni.org, 483756@bugs.debian.org
References: <[🔎] 20080530233103.GL16645@riva.ucam.org>

Another question arises: what are all the remote machines where I have
established a ~/.ssh/ directory (that needs to be cleaned up to plug
the hole there if root there is not up to date)?

Well, one finds a list in .ssh/known_hosts, but on sshd(8):

     Alternately, hostnames may be stored in a hashed form which hides
     host names and addresses should the file's con- tents be
     disclosed.

It should add that even the owner cannot decode these back, as they
are hashes. P.S., my ~/.ssh was 755 mode all these years. Fixed.

[Taking suresh@hserus.net off CC list next message.]

Reply to:

Follow-Ups:
- Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade
  - From: Colin Watson <cjwatson@debian.org>

References:
- Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade
  - From: Colin Watson <cjwatson@debian.org>

Prev by Date: Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade
Next by Date: openssh_4.7p1-11_m68k.changes REJECTED
Previous by thread: Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade
Next by thread: Bug#483756: insist ssh-vulnkey -a be run by the administrator upon upgrade
Index(es):
- Date
- Thread