Here's how it's done, confirmation with the tool suggested on
> http://isc.sans.org/diary.html?storyid=4420

Do a 'sudo apt-get update' and 'sudo apt-get upgrade'

then
---
[EMAIL PROTECTED]:~$ perl dowkd.pl host localhost
# localhost SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1
# localhost SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1
localhost: weak key
localhost: weak key
summary: keys found: 2, weak keys: 2

[EMAIL PROTECTED]:~$ sudo ssh-keygen -f /etc/ssh/ssh_host_rsa_key -N '' -t rsa
Generating public/private rsa key pair.
/etc/ssh/ssh_host_rsa_key already exists.
Overwrite (y/n)? y
Your identification has been saved in /etc/ssh/ssh_host_rsa_key.
Your public key has been saved in /etc/ssh/ssh_host_rsa_key.pub.
The key fingerprint is:
49:c2:73:ce:05:e4:70:1d:4c:ae:0f:31:a1:cd:d8:34 [EMAIL PROTECTED]

[EMAIL PROTECTED]:~$ sudo  ssh-keygen -f /etc/ssh/ssh_host_dsa_key -N '' -t dsa
Generating public/private dsa key pair.
/etc/ssh/ssh_host_dsa_key already exists.
Overwrite (y/n)? y
Your identification has been saved in /etc/ssh/ssh_host_dsa_key.
Your public key has been saved in /etc/ssh/ssh_host_dsa_key.pub.
The key fingerprint is:
df:2e:37:5d:fb:53:6d:7c:94:16:18:c8:d1:b4:63:78 [EMAIL PROTECTED]

[EMAIL PROTECTED]:~$ perl dowkd.pl host localhost
# localhost SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1
# localhost SSH-2.0-OpenSSH_4.7p1 Debian-8ubuntu1
summary: keys found: 2, weak keys: 0
[EMAIL PROTECTED]:~$
---


And don't forget any other application/service which uses SSL keys. There
was a note on the EncFS mailing list saying that it was affected; I'm sure
that there are others, such as VPN software.

Simon.
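
The scan, regenerate, rescan sequence from the transcript above as a non-interactive script (an added example, not part of the original post or of dowkd.pl). It assumes dowkd.pl prints the line formats shown in the transcript and sits in the current directory; the function names are made up for this example.

```shell
#!/bin/sh
# Added example, not from the original post. Defines functions only.

# Print each host that dowkd.pl flagged "weak key" (stdin: dowkd.pl output).
weak_hosts() {
    awk -F': ' '$2 == "weak key" && !seen[$1]++ { print $1 }'
}

# Print the weak-key count from the "summary:" line; prints nothing if absent.
summary_weak_count() {
    sed -n 's/^summary: keys found: [0-9]*, weak keys: \([0-9]*\)$/\1/p'
}

# Regenerate the RSA and DSA host keys in directory $1 (default /etc/ssh).
# Each new key is written to a temporary name and moved into place, so
# ssh-keygen never stops at "Overwrite (y/n)?" and a failed generation
# leaves the existing key file untouched. Needs root for /etc/ssh.
rekey_host_keys() {
    rk_dir=${1:-/etc/ssh}
    for rk_type in rsa dsa; do
        rk_key="$rk_dir/ssh_host_${rk_type}_key"
        [ -f "$rk_key" ] || continue
        rm -f "$rk_key.new" "$rk_key.new.pub"
        ssh-keygen -q -f "$rk_key.new" -N '' -t "$rk_type" || return 1
        mv "$rk_key.new" "$rk_key" && mv "$rk_key.new.pub" "$rk_key.pub" || return 1
    done
}

# Scan localhost, regenerate if weak keys are reported, then scan again.
# Returns 0 only when the final scan reports zero weak keys.
scan_fix_rescan() {
    sf_n=$(perl dowkd.pl host localhost | summary_weak_count)
    # A missing summary line means the scan itself failed, not "no weak keys".
    [ -n "$sf_n" ] || { echo "no summary line; scan failed" >&2; return 2; }
    [ "$sf_n" -gt 0 ] || return 0
    rekey_host_keys /etc/ssh || return 2
    sf_out=$(perl dowkd.pl host localhost)
    printf '%s\n' "$sf_out" | weak_hosts | sed 's/^/still weak: /' >&2
    [ "$(printf '%s\n' "$sf_out" | summary_weak_count)" = 0 ]
}
```

Source the file and run `scan_fix_rescan` as root after the package upgrade; a non-zero return means the scan failed or weak keys are still being reported.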


_______________________________________________
clug-talk mailing list
[email protected]
http://clug.ca/mailman/listinfo/clug-talk_clug.ca
Mailing List Guidelines (http://clug.ca/ml_guidelines.php)