FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 05-13-2008, 06:15 PM
Ross Boylan
 
Default openssl vulnerability and RSA keys

The recent security advisory for Debian's version of openssl says that
you should regenerate all keys, and that DSA keys should be considered
compromised.

Does this mean that RSA keys for openssh should not be considered
compromised? If so, why the need to regenerate them?

Thanks.
Ross Boylan


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 05-14-2008, 12:05 AM
"agenkin@gmail.com"
 
Default openssl vulnerability and RSA keys

On May 13, 2:20 pm, Ross Boylan <RossBoy...@stanfordalumni.org> wrote:
> Does this mean that RSA keys for openssh should not be considered
> compromised? If so, why the need to regenerate them?

On our systems the dowkd.pl script found weak DSA and RSA keys, both
as host keys, and as user-generated keypairs. We've regenerated the
RSA keys as well.


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 05-14-2008, 12:36 AM
"Nelson Castillo"
 
Default openssl vulnerability and RSA keys

On Tue, May 13, 2008 at 7:05 PM, agenkin@gmail.com <agenkin@gmail.com> wrote:
> On May 13, 2:20 pm, Ross Boylan <RossBoy...@stanfordalumni.org> wrote:
> > Does this mean that RSA keys for openssh should not be considered
> > compromised? If so, why the need to regenerate them?
>
> On our systems the dowkd.pl script found weak DSA and RSA keys, both
> as host keys, and as user-generated keypairs. We've regenerated the
> RSA keys as well.

~$ ./dowkd.pl user nelson
/home/nelson/.ssh/authorized_keys:1: weak key
/home/nelson/.ssh/id_rsa.pub:1: warning: no suitable blacklist

Fortunately I've had sshd turned off for some time. Ops...

N.-




--
http://arhuaco.org


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 05-14-2008, 01:53 AM
Ron Johnson
 
Default openssl vulnerability and RSA keys

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 05/13/08 19:36, Nelson Castillo wrote:
> On Tue, May 13, 2008 at 7:05 PM, agenkin@gmail.com <agenkin@gmail.com> wrote:
>> On May 13, 2:20 pm, Ross Boylan <RossBoy...@stanfordalumni.org> wrote:
>> > Does this mean that RSA keys for openssh should not be considered
>> > compromised? If so, why the need to regenerate them?
>>
>> On our systems the dowkd.pl script found weak DSA and RSA keys, both
>> as host keys, and as user-generated keypairs. We've regenerated the
>> RSA keys as well.
>
> ~$ ./dowkd.pl user nelson
> /home/nelson/.ssh/authorized_keys:1: weak key
> /home/nelson/.ssh/id_rsa.pub:1: warning: no suitable blacklist

$ ./dowkd.pl user me
$

I think I generated my keys long-enough ago that they aren't broken.

- --
Ron Johnson, Jr.
Jefferson LA USA

We want... a Shrubbery!!
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFIKkYnS9HxQb37XmcRAtUEAKDHhx1sS9M3a6Eyu1GtXX +YYtv3NwCfXgxU
fTInSLMWPd+8amsUCHSBpxs=
=y5oG
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 05-15-2008, 06:19 PM
Kevin Buhr
 
Default openssl vulnerability and RSA keys

Ross Boylan <RossBoylan@stanfordalumni.org> writes:
>
> The recent security advisory for Debian's version of openssl says that
> you should regenerate all keys, and that DSA keys should be considered
> compromised.
>
> Does this mean that RSA keys for openssh should not be considered
> compromised? If so, why the need to regenerate them?

To clarify, *all* SSH keys, whether DSA or RSA, generated using the
bad version of OpenSSL are garbage: they are easily guessable.

Furthermore, as I read the advisories and other sources, because of
the way DSA keys are used, even strong DSA keys (generated by good
versions of OpenSSL) are compromised if they were used locally with
the bad OpenSSL.

"Locally" here means that the strong DSA key was used on the same side
of the connection as the bad OpenSSL: if you used a user DSA key to
"ssh" to a remote server and your local OpenSSL library was bad, or if
a server DSA key was used by "sshd" to accept a remote connection and
the server's OpenSSL library was bad, then the respective key is
compromised (even if it was a strong key generated by a good OpenSSL
library).

"Compromised" means that anyone who intercepted and saved such an SSH
conversation can now use this new knowledge of the OpenSSL
vulnerability to recover the private DSA key from the connection data.

At least, that's how I've interpreted what I've heard.

--
Kevin Buhr <buhr+debian@asaurus.net>


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 12:24 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org