Re: Mass-updating cached hosts keys afrer ssh security upgrade?

In article <[EMAIL PROTECTED]> you wrote: > I've been trying to go through all the known_hosts files manually and update > them to give my users a break, but it's a tedious nightmare. Adding to the > complexity is that many of the known_hosts files are armored (the hostname/ip > address is not i

Re: Mass-updating cached hosts keys afrer ssh security upgrade?

On Mon, Jul 21, 2008 at 06:43:31PM -0500, JW wrote: This has turned into an unexpected nightmare: my users have, between them all, dozens of cached host keys, and they are nearly unable to work because every time they turn around they're getting bad-old-cached-key warnings (REMOTE HOST IDENTIFI

Re: Mass-updating cached hosts keys afrer ssh security upgrade?

ssh-keyscan --On July 21, 2008 6:43:31 PM -0500 JW <[EMAIL PROTECTED]> wrote: Hello, In the past several weeks I have applied the openssh/openssl updates to my systems - the updates the fix the random-number-generator weakness. This has turned into an unexpected nightmare: my users have, bet

Re: [SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities

On 22/07/2008, at 5:29 AM, Moritz Muehlenhoff wrote: Stable updates are available for amd64, arm, hppa, i386, ia64, mipsel, s390 and sparc. No mention of powerpc? What's going on? - some of the binary packages from the ruby source package for ppc do seem to have made it into the security a

Mass-updating cached hosts keys afrer ssh security upgrade?

Hello, In the past several weeks I have applied the openssh/openssl updates to my systems - the updates the fix the random-number-generator weakness. This has turned into an unexpected nightmare: my users have, between them all, dozens of cached host keys, and they are nearly unable to work bec

Re: Sarge, Bind9 (9.2.4-1sarge3) and DNS cache poisoning

Florian Weimer ([EMAIL PROTECTED]) wrote on 20 July 2008 22:07: >* Vincent Deffontaines: >> If you run a Netfilter NAT firewall, you can use the source port NAT >> randomization feature of Netfilter. This feature is available in Linux >> vanilla kernel since 2.6.21.1 > >Thanks, very interesti

Re: [SECURITY] [DSA 1612-1] New ruby1.8 packages fix several vulnerabilities

Hello. I am on vacation and out of the office from July 20th to July 27th. If you need assistance with e-mail, web hosting, or technical support, please leave a message with Danny Beckett or Ray Brown at 616-301-1037. If you have any other questions or messages, please leave a detailed message a

Re: Testers needed for dnsmasq update

On 2008-07-16, Moritz Muehlenhoff <[EMAIL PROTECTED]> wrote: > I have a Etch dnsmasq packages ready, which enable source port randomisation > to counter the upcoming Kaminsky DNS attack. I need testers, though: > http://people.debian.org/~jmm/dnsmasq/ contains packages for all eleven > Debian relea