Debian and OpenSSH -Free Host,Free Hosting,Web Hosting,Free Web Hosting,Domain,Domain Name,Domain Name Forum,Web Hosting Forum- Site & Server Administration

06-24-2008, 09:58

Maurizio1230

Senior Member

Join Date: Sep 2007

Posts: 170

Trader Rating: (0)

Points: 0 (Donate)
5 F$/Referral Refer Friends

Debian and OpenSSH

I advice all hosting provider that use openssh on debian (ssl)
http://packages.qa.debian.org/o/openssl.html to be carefull.

Luciano Bello discovered that the random number generator in Debian's openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package (CVE-2008-0166). As a result, cryptographic key material may be guessable.

Update immidiatly openssh package or ask your hosting to do it.

Have a look here http://dilbert.com/strips/comic/2001-10-25/
Like you can see in this image this bug can create problem in the random generator keys.

Quote:

OVER HERE WE HAVE OUR RANDOM NUMBER GENERATOR
NINE, NINE, NINE, NINE
ARE YOU SURE THAT'S RANDOM?
THAT'S THE PROBLEM WITH RANDOMNESS, YOU CAN NEVER BE SURE

__________________
Linux Invent - If You Are Free To Think With Your Head There Is A Penguin In Your Heart
Host Invent - Hosting and Domain Registration
Elettro Linux

« Previous Thread | Next Thread »

Thread Tools	Search this Thread
Show Printable Version Email this Page	Search this Thread: Advanced Search
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode

Posting Rules
You may not post new threads You may not post replies You may not post attachments You may not edit your posts vB code is On Smilies are On [IMG] code is On HTML code is Off

Forum Jump

All times are GMT -4. The time now is 21:02.