Debian Bug Tracking System schrieb:
> On Thu, Jul 10, 2008 at 05:28:19PM +0200, Christoph Martin wrote:
>> The openssh client and openssh-vulnkey do not check for 4096 bit
>> comprimised keys as the sid version does. So the user will not find
>> these compromised keys when checking with openssh-vulnkey and the ssh
>> server will accept connections with these keys.
>>
>> Please supply a package like in sid which also checks for 4096 (and
>> other?) bit keys.
>
> Install the openssh-blacklist-extra package.
I checked that. It is useful if you have the unstable/testing version of
openssh-client. The stable openssh-client includes a version of
ssh-vulnkey which does not use the 4096 bit blacklists.
Please reopen the bug
--
============================================================================
Christoph Martin, Leiter der EDV der Verwaltung, Uni-Mainz, Germany
Internet-Mail: Christoph.Martin@Verwaltung.Uni-Mainz.DE
Telefon: +49-6131-3926337
Fax: +49-6131-3922856
Attachment:
signature.asc
Description: OpenPGP digital signature