Ross Boylan <[EMAIL PROTECTED]> writes:
>
> The recent security advisory for Debian's version of openssl says that
> you should regenerate all keys, and that DSA keys should be considered
> compromised.
>
> Does this mean that RSA keys for openssh should not be considered
> compromised? If so, why
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 05/13/08 19:36, Nelson Castillo wrote:
> On Tue, May 13, 2008 at 7:05 PM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
>> On May 13, 2:20 pm, Ross Boylan <[EMAIL PROTECTED]> wrote:
>> > Does this mean that RSA keys for openssh should not be conside
On Tue, May 13, 2008 at 7:05 PM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote:
> On May 13, 2:20 pm, Ross Boylan <[EMAIL PROTECTED]> wrote:
> > Does this mean that RSA keys for openssh should not be considered
> > compromised? If so, why the need to regenerate them?
>
> On our systems the dowkd.
On May 13, 2:20 pm, Ross Boylan <[EMAIL PROTECTED]> wrote:
> Does this mean that RSA keys for openssh should not be considered
> compromised? If so, why the need to regenerate them?
On our systems the dowkd.pl script found weak DSA and RSA keys, both
as host keys, and as user-generated keypairs.
The recent security advisory for Debian's version of openssl says that
you should regenerate all keys, and that DSA keys should be considered
compromised.
Does this mean that RSA keys for openssh should not be considered
compromised? If so, why the need to regenerate them?
Thanks.
Ross Boylan
5 matches
Mail list logo
