Re: SSH Keys and Debian

To: debian-user@lists.debian.org
Subject: Re: SSH Keys and Debian
From: Johannes Wiedersich <johannes@physik.blm.tu-muenchen.de>
Date: Fri, 23 May 2008 20:30:42 +0200
Message-id: <[🔎] 48370D52.9000009@physik.blm.tu-muenchen.de>
In-reply-to: <[🔎] 48370031.3070506@homes2see.com>
References: <[🔎] 48370031.3070506@homes2see.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2008-05-23 19:34, Ed Curtis wrote:
> I have two deb machines I ssh to constantly on our lan. I had previously
> set up ssh-keys on these machines to rsync files to one machine. This
> morning I ran the ssh update the system update wanted me to run and
> can't ssh to this machine without using a password. I've rerun the
> keygen on the other machines and transfered them to the computer I log
> into but still get prompted for the password. Any ideas? I figure it's
> something to do with the update as it generated all new host keys, etc
> after it was installed.

Have you really deleted *all* the vulnerable keys, ie. user keys and
machine keys?

(As root run "ssh-vulnkey -a" to check for vulnerable keys. )

Delete all vulnerable keys, ie. all that were generated or could
possibly be created with the affected versions of openssh/openssl.

Create new keys.

Debian won't allow log in of users or machines with vulnerable keys.

NB: Be careful, if you have to do this via ssh to a remote box. You
might not be able to log into that box, if you commit a mistake.

HTH,

Johannes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFINw1SC1NzPRl9qEURApTnAJ40hDWixnuaRHBfii5Naa7qpq5/QACfVuMV
r0GA+aiczyA5WvjpYI8HXB4=
=Aprd
-----END PGP SIGNATURE-----

Reply to:

References:
- SSH Keys and Debian
  - From: Ed Curtis <e_curtis@homes2see.com>

Prev by Date: Re: gpg not working with kmail
Next by Date: Re: gpg not working with kmail
Previous by thread: SSH Keys and Debian
Next by thread: gdm does not start
Index(es):
- Date
- Thread