Weak host-keys are not replaced during openssh update
Mario Vukelic
mario.vukelic at dantian.org
Tue May 13 18:49:32 UTC 2008
On Tue, 2008-05-13 at 20:35 +0200, Markus Schönhaber wrote:
> On two of the Gutsy servers I administer the weak host keys remain in
> place after
> aptitude update
> aptitude safe-upgrade
> and I am not prompted anything during the upgrade either.
>
> Anyone else seeing this?
Maybe this:
===========================================================
Ubuntu Security Notice USN-612-2 May 13, 2008
openssh vulnerability
CVE-2008-0166, http://www.ubuntu.com/usn/usn-612-1
===========================================================
<snip>
"Once the update is applied, weak user keys will be automatically
rejected where possible (though they cannot be detected in all
cases). If you are using such keys for user authentication,
they will immediately stop working and will need to be replaced
(see step 3)."
More information about the ubuntu-users
mailing list