* James Miller: >From what I understand ssh-vulnkey only check to see if a key is listed >in the blacklist (already compromised). Is there any way to >empirically test whether a key is vulnerable or not?
All vulnerable keys should be contained in the blacklist. In other words, the blacklist should be complete. There is no known way to test for a weak key, except for looking it up in a pre-generated blacklist. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
