On Tue, May 13, 2008 at 7:05 PM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > On May 13, 2:20 pm, Ross Boylan <[EMAIL PROTECTED]> wrote: > > Does this mean that RSA keys for openssh should not be considered > > compromised? If so, why the need to regenerate them? > > On our systems the dowkd.pl script found weak DSA and RSA keys, both > as host keys, and as user-generated keypairs. We've regenerated the > RSA keys as well.
~$ ./dowkd.pl user nelson /home/nelson/.ssh/authorized_keys:1: weak key /home/nelson/.ssh/id_rsa.pub:1: warning: no suitable blacklist Fortunately I've had sshd turned off for some time. Ops... N.- -- http://arhuaco.org -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
