Debian and Ubuntu Linux users should look into their OpenSSH setup. It turns out the used PRNG (Pseudo Random Number Generator) used was predictable. Remember patching isn't enough, you need to regenerate keys generated on these machines! Including those used in SSL certificates (X.509). Worse: even good keys apparently can be exposed due to this. Quoting from the Debian reference below:
So merely using your (good) keys on an affected machine might be enough to get the key itself compromised. -- |
Swa 760 Posts May 13th 2008 |
Thread locked Subscribe |
May 13th 2008 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!