On May 13, 2:20 pm, Ross Boylan <RossBoy...@stanfordalumni.org> wrote: > Does this mean that RSA keys for openssh should not be considered > compromised? If so, why the need to regenerate them? On our systems the dowkd.pl script found weak DSA and RSA keys, both as host keys, and as user-generated keypairs. We've regenerated the RSA keys as well.