Re: where did www.debian.org/security/key-rollover/ go?

To: debian-user@lists.debian.org
Subject: Re: where did www.debian.org/security/key-rollover/ go?
From: Joey Hess <joeyh@debian.org>
Date: Tue, 13 May 2008 22:39:08 -0400
Message-id: <[🔎] 20080514023908.GA15605@kodama.kitenet.net>
Mail-followup-to: debian-user@lists.debian.org
In-reply-to: <[🔎] 20080514020455.GE7009@titan.hooton>
References: <[🔎] 200805132020.55441.rody@xs4all.nl> <[🔎] 20080514020455.GE7009@titan.hooton>

Douglas A. Tutty wrote:
> After keys are regenerated and all old keys are removed, would a reboot
> be in order to ensure that no apps are using old files that have been
> unlinked but still open?

If replacing a key for a daemon like ssh, or apache, or postfix, restart
the daemon. Some of these daemons read the key file into memory on
startup and never re-read it.

> I don't suppose that new version of (was it ssh) in Sid that warns of
> connections with weak keys will be backported to Etch as a security fix?

Yes, ssh in etch will be updated.

-- 
see shy jo

Attachment: signature.asc
Description: Digital signature

Reply to:

Follow-Ups:
- Re: where did www.debian.org/security/key-rollover/ go?
  - From: Johannes Wiedersich <johannes@physik.blm.tu-muenchen.de>

References:
- where did www.debian.org/security/key-rollover/ go?
  - From: Rody <rody@xs4all.nl>
- Re: where did www.debian.org/security/key-rollover/ go?
  - From: "Douglas A. Tutty" <dtutty@porchlight.ca>

Prev by Date: Re: Blocking Gmail ads
Next by Date: Re: Setting Video Card
Previous by thread: Re: where did www.debian.org/security/key-rollover/ go?
Next by thread: Re: where did www.debian.org/security/key-rollover/ go?
Index(es):
- Date
- Thread