Re: Debian libssl security (OpenSSH safe?)

Score:

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

[view in full thread]

From: Darrin Chandler <dwchandler@...>

To: Ted Unangst <ted.unangst@...>

Cc: Ben Calvert <ben@...>, raven <raven@...>, <misc@...>

Subject: Re: Debian libssl security (OpenSSH safe?)

Date: Wednesday, May 14, 2008 - 10:43 pm

On Wed, May 14, 2008 at 10:22:11PM -0400, Ted Unangst wrote:
quoted text> On 5/14/08, Ben Calvert <ben@flyingwalrus.net> wrote:
> > On May 14, 2008, at 5:22 PM, Darrin Chandler wrote:
> > > Are you sure that's a decent analysis? If you have a non-debian system
> > > with the full number of keys available, what are the chances that you've
> > > landed on one of the 32767 keys? Not very likely. So that analysis seems
> > > alarmist and sensational to me.
> 
> Because nobody would ever run ssh-keygen on their ubuntu desktop and
> copy that to authorized_keys on another computer.

Sure. Lots of those keys out there already. So is something like
ssh-vulnkey the right approach? I do have a couple of users on one of my
boxes. Mind, they're all good OpenBSD people and I really hope their
keys didn't come from a debian box. It'll be nice to find out that the
keys are ok.

-- 
Darrin Chandler            |  Phoenix BSD User Group  |  MetaBUG
dwchandler@stilyagin.com   |  http://phxbug.org/      |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG Federation

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

Debian libssl security (OpenSSH safe?), Juan Miscaro, (Tue May 13, 11:37 am)

Re: Debian libssl security (OpenSSH safe?), Sean Malloy, (Tue May 13, 12:14 pm)

Re: Debian libssl security (OpenSSH safe?), Gabriel Linder, (Wed May 14, 3:41 am)

Re: Debian libssl security (OpenSSH safe?), Otto Moerbeek, (Wed May 14, 7:22 am)

Re: Debian libssl security (OpenSSH safe?), Ted Unangst, (Wed May 14, 7:24 am)

Re: Debian libssl security (OpenSSH safe?), raven, (Wed May 14, 7:45 pm)

Re: Debian libssl security (OpenSSH safe?), Darrin Chandler, (Wed May 14, 8:22 pm)

Re: Debian libssl security (OpenSSH safe?), Ben Calvert, (Wed May 14, 8:30 pm)

Re: Debian libssl security (OpenSSH safe?), Ted Unangst, (Wed May 14, 10:22 pm)

Re: Debian libssl security (OpenSSH safe?), Darrin Chandler, (Wed May 14, 10:43 pm)

Re: Debian libssl security (OpenSSH safe?), Otto Moerbeek, (Thu May 15, 1:11 am)

Re: Debian libssl security (OpenSSH safe?), Dave Ewart, (Thu May 15, 5:02 am)

Re: Debian libssl security (OpenSSH safe?), Tim Post, (Thu May 15, 5:44 am)

Re: Debian libssl security (OpenSSH safe?), Darrin Chandler, (Thu May 15, 9:31 am)

Re: Debian libssl security (OpenSSH safe?), Tim Post, (Fri May 16, 2:51 am)

Re: Debian libssl security (OpenSSH safe?), Ted Unangst, (Wed May 14, 11:10 pm)

Re: Debian libssl security (OpenSSH safe?), Jussi Peltola, (Wed May 14, 8:53 pm)

Re: Debian libssl security (OpenSSH safe?), Douglas A. Tutty, (Thu May 15, 9:52 am)

Re: Debian libssl security (OpenSSH safe?), Marc Espie, (Tue May 13, 1:00 pm)

More details show that someone seriously fucked up in debian..., chefren, (Tue May 13, 6:48 pm)

Re: More details show that someone seriously fucked up in de..., Damien Miller, (Thu May 15, 2:05 pm)

Re: More details show that someone seriously fucked up in de..., Otto Moerbeek, (Wed May 14, 2:47 am)

Re: More details show that someone seriously fucked up in de..., Otto Moerbeek, (Wed May 14, 7:53 am)


linux-kernel:
Al Boldi	Re: [ANNOUNCE] RSDL completely fair starvation free interactive cpu scheduler
Linus Torvalds	Linux 2.6.27-rc8
Jeremy Fitzhardinge	Stolen and degraded time and schedulers
Rene Herman	[PATCH] x86: provide a DMI based port 0x80 I/O delay override
git:
Junio C Hamano	Re: [PATCH] Teach remote machinery about remotes.default config variable
Johannes Schindelin	Re: [PATCH 1/2] Allow git-apply to fix up the line counts
Sam Vilain	Re: Decompression speed: zip vs lzo
Johannes Schindelin	Re: [kernel.org users] [RFD] On deprecating "git-foo" for builtins
linux-netdev:
Wenji Wu	Re: A Linux TCP SACK Question
Jeff Kirsher	[RESEND][NET-NEXT PATCH 07/29] ixgbe: limit small mtu to minimum for ipv4 support
Rémi	[PATCH 00/14] [RFC] Phonet protocol stack
Ivo van Doorn	Re: [PATCH] [PS3] gelic wireless driver needs MAC80211 support
openbsd-misc:
Marco Peereboom	Re: Real men don't attack straw men
chefren	Kuro5hin: OpenBSD Founder Theo deRaadt Has Conflict of Interest With AMD
Don Jackson	How to use (compact) flash cards with OpenBSD
askthelist	Packets Per Second Limit?


high memory	21 hours ago	Linux kernel
semaphore access speed	1 day ago	Applications and Utilities
the kernel how to power off the machine	1 day ago	Linux kernel
Easter Eggs in windows XP	1 day ago	Windows
Shared swap partition	1 day ago	Linux general
Root password	1 day ago	Linux general
Where/when DNOTIFY is used?	1 day ago	Linux kernel
How to convert Linux Kernel built-in module into a loadable module	1 day ago	Linux kernel
Linux 2.6.24 and I/O schedulers	1 day ago	Linux kernel
USB Driver -- Interrupt Polling -- A Little Help Please	1 day ago	Linux general

Re: Debian libssl security (OpenSSH safe?)

Online users