-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Thursday, 15.05.2008 at 07:11 +0200, Otto Moerbeek wrote:

quoted text
> On Wed, May 14, 2008 at 07:43:25PM -0700, Darrin Chandler wrote:
> 
> > On Wed, May 14, 2008 at 10:22:11PM -0400, Ted Unangst wrote:
> > > On 5/14/08, Ben Calvert <ben@flyingwalrus.net> wrote:
> > > > On May 14, 2008, at 5:22 PM, Darrin Chandler wrote:
> > > > > Are you sure that's a decent analysis? If you have a
> > > > > non-debian system with the full number of keys available, what
> > > > > are the chances that you've landed on one of the 32767 keys?
> > > > > Not very likely. So that analysis seems alarmist and
> > > > > sensational to me.
> > > 
> > > Because nobody would ever run ssh-keygen on their ubuntu desktop
> > > and copy that to authorized_keys on another computer.
> > 
> > Sure. Lots of those keys out there already. So is something like
> > ssh-vulnkey the right approach? I do have a couple of users on one
> > of my boxes. Mind, they're all good OpenBSD people and I really hope
> > their keys didn't come from a debian box. It'll be nice to find out
> > that the keys are ok.
> 
> You can use the perl script in the debian announcement to check host
> keys and user keys. 

For info

Debian (and thus also Ubuntu) have released updated openssh packages
which include a new tool called ssh-vulnkey which can be used to check
the running system[1] for vulnerable keys: ssh-vulnkey works similarly
to the Perl script in the Debian announcement.  The package has also had
an additional option added to sshd_config which blacklists (i.e. stops
use of) these vulnerable keys.  Once updated, Debian and Ubuntu systems
will reject connections based on these vulnerable keys.

One of my machines at home is an Ubuntu laptop and my OpenBSD box had a
copy of its public key in ~/.ssh/authorized_keys so that logging into it
is simpler from the laptop - if this box were exposed to the world, then
it would only take 32,000 attempts to get into it, if my username is
known.  I've removed the vulnerable public key from the OpenBSD box now.

I believe the original assessment was correct: *all* systems running SSH
ought to check for these vulnerable keys, not just those systems running
Debian or derivatives.  Yes, it's Debian's "fault", but we all have to
manage the consequences.  If only Debian and Ubuntu's openssh is
updated, then they will be *more* secure than non-updated OpenBSD,
Solaris, Red Hat Linux etc.

Cheers,

Dave.

[1] It checks host keys and also the contents of authorized_keys

- -- 
Dave Ewart
iD8DBQFIK/wbbpQs/WlN43ARAnKvAJ4pYbbhW4pCYvp7hqApTCqr43BWmwCg864Q
xBTY5bfIl4KLiSsYsDMplS8=
=5mhX
-----END PGP SIGNATURE-----