Hit by the openssl fiasco!

Of late, all blogrolls seem to be talking about the OpenSSL vulnerability in Debian-based systems. Well, I took it a bit lightly given the lazy goose I am. But some of my work for the weekend threatened to come to a grinding halt as most of the servers which I access disabled my blacklisted ssh key. So I had to regenerate the keypair and re-upload it to all the servers. Man!! I seemed to have access to shit loads of servers. I recommend this article by tonnere which gives a very nice gist of the actual problem and the affected systems.

Also, the Debian folks have released a package to check whether your key is vulnerable or not. If you are on any Debian-based system, just run "sudo ssh-vulnkey -a" to check all existing key pairs and find out whether they are blacklisted.

Simple steps to update your ssh keys

1. $ ssh-keygen

2. Copy ~/.ssh/id_rsa.pub to the server on which you wish to update your ssh key.

3. Safeguard your ~/.ssh/id_rsa private key.
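Copying the new public key across is only half of step 2 if the blacklisted key is still listed in the server's authorized_keys. The function below is an added example, not part of the original post: it drops the old key and installs the new one in a single pass. The function name and its arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: swap a retired public key for its replacement in an
# authorized_keys file. The function name and arguments are hypothetical.
#
# Usage: rotate_authorized_key AUTH_FILE OLD_PUB_FILE NEW_PUB_FILE
#   e.g. rotate_authorized_key ~/.ssh/authorized_keys old_id_rsa.pub id_rsa.pub
rotate_authorized_key() {
    auth_file=$1
    old_pub=$2
    new_pub=$3

    # Field 2 of a .pub file is the base64 key blob. The trailing comment
    # can differ between copies of the same key, so match on the blob only.
    old_blob=$(awk 'NR==1 {print $2}' "$old_pub")
    new_blob=$(awk 'NR==1 {print $2}' "$new_pub")
    [ -n "$old_blob" ] && [ -n "$new_blob" ] || return 2

    # Build the new file next to the old one so the final mv is atomic,
    # and restrict its mode before any key material is written to it.
    tmp=$(mktemp "${auth_file}.XXXXXX") || return 1
    chmod 600 "$tmp"

    # Keep every line that carries neither blob. Scanning all fields also
    # catches entries with leading options such as from="...".
    # Dropping existing copies of the new key keeps the function idempotent.
    if [ -f "$auth_file" ]; then
        awk -v old="$old_blob" -v new="$new_blob" '
            {
                keep = 1
                for (i = 1; i <= NF; i++)
                    if ($i == old || $i == new) keep = 0
                if (keep) print
            }' "$auth_file" > "$tmp"
    fi

    cat "$new_pub" >> "$tmp"
    mv "$tmp" "$auth_file"
}
```

Run it on the server against the account's own authorized_keys, and keep the existing session open until a login with the new key has succeeded.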
