On 8. April 2014 05:34:28 MESZ, Ludwig <macpo...@metaspasm.org> wrote: >What else do I need to do about the addressed vulnerability besides >updating >the port — generate new keys or what?
...as far as i informed about the current security notice / patch in OpenSSH (!) it makes no sense to generate new host or client keys. It could make sense to delete the known_hosts as the sec flaw could make it possible in curcumstances that a new client connects to a DNS faked host when not verifying the host key fingerprint during the host verifying process. cheerioh, Niels. -- Niels Dettenbach Syndicat IT&Internet http://www.syndicat.com _______________________________________________ macports-users mailing list macports-users@lists.macosforge.org https://lists.macosforge.org/mailman/listinfo/macports-users
