Weak SSL/SSH keys on Debian & derivatives

Discussion in 'NZ Computing' started by Lawrence D'Oliveiro, May 15, 2008.

  1. You may have heard about the recently-discovered vulnerability in the
    version of OpenSSL shipped on Debian and derivatives. Basically, any host
    or user SSH keys, as well as SSL certs, generated since September 2006
    would have used a fatally-weakened pseudorandom number generation
    algorithm, which makes them much easier to guess than they should be.

    More info here <http://lwn.net/Articles/281901/>.
    Lawrence D'Oliveiro, May 15, 2008
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Olivier PELERIN

    SSL with backend SSL on CSS 11500

    Olivier PELERIN, Aug 30, 2004, in forum: Cisco
    Replies:
    0
    Views:
    3,578
    Olivier PELERIN
    Aug 30, 2004
  2. James

    TLS, SSL, SSH

    James, Mar 22, 2005, in forum: Computer Support
    Replies:
    5
    Views:
    19,275
    Charles Blake
    May 7, 2007
  3. Anonymous Sender

    ssh forwarding to ssl proxy?

    Anonymous Sender, Dec 11, 2003, in forum: Computer Security
    Replies:
    2
    Views:
    617
  4. jenny
    Replies:
    0
    Views:
    916
    jenny
    Nov 30, 2006
  5. DUser
    Replies:
    0
    Views:
    374
    DUser
    Jan 11, 2004
Loading...

Share This Page