Douglas A. Tutty wrote: > After keys are regenerated and all old keys are removed, would a reboot > be in order to ensure that no apps are using old files that have been > unlinked but still open? If replacing a key for a daemon like ssh, or apache, or postfix, restart the daemon. Some of these daemons read the key file into memory on startup and never re-read it. > I don't suppose that new version of (was it ssh) in Sid that warns of > connections with weak keys will be backported to Etch as a security fix? Yes, ssh in etch will be updated. -- see shy jo
Attachment:
signature.asc
Description: Digital signature