Find and fix weak OpenSSL/OpenSSH keys: Debian-based Linux vulnerability

0

http://blogs.techrepublic.com.com

A recent vulnerability was found in the OpenSSL package as provided by Debian and Debian-based Linux distributions, such as Ubuntu, that broke the effectiveness of the OpenSSL PRNG (Predictable Random Number Generator). This vulnerability caused OpenSSL to generate weak keys for anything relying on OpenSSL, including SSL certificates, OpenSSH keys, and OpenVPN keys. Any OpenSSL-based key generated on a Debian-based system since September 2006 by the openssl, ssh-keygen, or openvpn –keygen commands are vulnerable to this issue.

Full story »
Ubuntu87's picture
Created by Ubuntu87 15 years 48 weeks ago
Category: End User   Tags:

Similar stories

Fix for OpenSSL/SSH/VPN Vulnerability in Ubuntu 7.04/7.10/8.04 15 years 49 weeks ago
Public Service Announcement to Debian and Ubuntu Users 15 years 49 weeks ago
SSL Certificates Vulnerable to OpenSSL Flaw on Debian 15 years 44 weeks ago
Distributing New SSH Keys Using Rsh On Linux And Unix 15 years 45 weeks ago

Best karma users

  1. andolasoft's picture
    andolasoft
  2. fred's picture
    fred
  3. nilarimogard's picture
    nilarimogard