Re: [OT] HeartBleed bug

2014-04-09 Thread Ognjen Blagojevic
Chris, On 9.4.2014 14:53, Christopher Schultz wrote: My recommendation would be to treat everything OpenSSL touches as tainted and re-key anyway. [I will assume we are talking about OpenSSH implementation.] That depends on the definition of "what OpenSSL touches". OpenSSL consists of two l

Re: [OT] HeartBleed bug

2014-04-09 Thread Robert Klemme
On Wed, Apr 9, 2014 at 2:53 PM, Christopher Schultz wrote: > -BEGIN PGP SIGNED MESSAGE- > Hash: SHA256 > > Ognjen, > > On 4/9/14, 3:30 AM, Ognjen Blagojevic wrote: >> On 9.4.2014 9:49, André Warnier wrote: >>> I wonder if I may ask this list-OT question to the SSH experts on >>> the list :

Re: [OT] HeartBleed bug

2014-04-09 Thread Christopher Schultz
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Ognjen, On 4/9/14, 3:30 AM, Ognjen Blagojevic wrote: > On 9.4.2014 9:49, André Warnier wrote: >> I wonder if I may ask this list-OT question to the SSH experts on >> the list : >> >> I run some 25 webservers (Apache httpd-only, Tomcat-only, or >> A

Re: [OT] HeartBleed bug

2014-04-09 Thread André Warnier
Ognjen Blagojevic wrote: André, On 9.4.2014 9:49, André Warnier wrote: I wonder if I may ask this list-OT question to the SSH experts on the list : I run some 25 webservers (Apache httpd-only, Tomcat-only, or Apache httpd + Tomcat). I do not use HTTPS on any of them. But I use SSH (OpenSSH) to

Re: [OT] HeartBleed bug

2014-04-09 Thread Ognjen Blagojevic
André, On 9.4.2014 9:49, André Warnier wrote: I wonder if I may ask this list-OT question to the SSH experts on the list : I run some 25 webservers (Apache httpd-only, Tomcat-only, or Apache httpd + Tomcat). I do not use HTTPS on any of them. But I use SSH (OpenSSH) to connect to them over the

[OT] HeartBleed bug

2014-04-09 Thread André Warnier
I wonder if I may ask this list-OT question to the SSH experts on the list : I run some 25 webservers (Apache httpd-only, Tomcat-only, or Apache httpd + Tomcat). I do not use HTTPS on any of them. But I use SSH (OpenSSH) to connect to them over the Internet for support purposes, with "authorize