On 2008-05-19 10:35:58 +0200, Vincent Lefevre wrote: > On 2008-05-19 07:26:29 +0100, Colin Watson wrote: > > On Mon, May 19, 2008 at 04:28:46AM +0200, Vincent Lefevre wrote: > > > When I upgraded openssh-server, ssh_host_dsa_key has been replaced > > > because it was compromised, but not ssh_host_rsa_key, but this one > > > was compromised too! > > > > What does 'grep -i hostkey /etc/ssh/sshd_config' say? > > vin:~> grep -i hostkey /etc/ssh/sshd_config > # HostKeys for protocol version 2 > HostKey /etc/ssh/ssh_host_rsa_key > HostKey /etc/ssh/ssh_host_dsa_key
On another Debian machihe, I can see that ssh-vulnkey outputs "Unknown (no blacklist information)" for the RSA key, probably because openssh-blacklist-extra isn't installed on this machine. The description field of openssh-blacklist-extra says: "list of non-default blacklisted OpenSSH RSA and DSA keys" I wonder why "non-default", because all these keys were generated automatically when Debian was installed. -- Vincent Lefèvre <[EMAIL PROTECTED]> - Web: <http://www.vinc17.org/> 100% accessible validated (X)HTML - Blog: <http://www.vinc17.org/blog/> Work: CR INRIA - computer arithmetic / Arenaire project (LIP, ENS-Lyon) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
