FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Debian > Debian User

 
 
LinkBack Thread Tools
 
Old 05-23-2008, 05:34 PM
Ed Curtis
 
Default SSH Keys and Debian

I have two deb machines I ssh to constantly on our lan. I had previously
set up ssh-keys on these machines to rsync files to one machine. This
morning I ran the ssh update the system update wanted me to run and
can't ssh to this machine without using a password. I've rerun the
keygen on the other machines and transfered them to the computer I log
into but still get prompted for the password. Any ideas? I figure it's
something to do with the update as it generated all new host keys, etc
after it was installed.


Thanks,

Ed


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 
Old 05-23-2008, 06:30 PM
Johannes Wiedersich
 
Default SSH Keys and Debian

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 2008-05-23 19:34, Ed Curtis wrote:
> I have two deb machines I ssh to constantly on our lan. I had previously
> set up ssh-keys on these machines to rsync files to one machine. This
> morning I ran the ssh update the system update wanted me to run and
> can't ssh to this machine without using a password. I've rerun the
> keygen on the other machines and transfered them to the computer I log
> into but still get prompted for the password. Any ideas? I figure it's
> something to do with the update as it generated all new host keys, etc
> after it was installed.

Have you really deleted *all* the vulnerable keys, ie. user keys and
machine keys?


(As root run "ssh-vulnkey -a" to check for vulnerable keys. )

Delete all vulnerable keys, ie. all that were generated or could
possibly be created with the affected versions of openssh/openssl.

Create new keys.

Debian won't allow log in of users or machines with vulnerable keys.

NB: Be careful, if you have to do this via ssh to a remote box. You
might not be able to log into that box, if you commit a mistake.

HTH,

Johannes
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFINw1SC1NzPRl9qEURApTnAJ40hDWixnuaRHBfii5Naa 7qpq5/QACfVuMV
r0GA+aiczyA5WvjpYI8HXB4=
=Aprd
-----END PGP SIGNATURE-----


--
To UNSUBSCRIBE, email to debian-user-REQUEST@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
 

Thread Tools




All times are GMT. The time now is 05:18 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org