On Tue, May 13, 2008 at 9:12 PM, Richard Doyle
> There is a potentially serious vulnerability in OpenSSL which affects
> Edubuntu and other Debian-based distributions:
> Fixes are described in http://wiki.debian.org/SSLkeys . Since SSH is a
> vital part of Edubuntu, and is affected by the vulnerability, every
> affected system should be fixed ASAP. As I understand it, the fix for
> version version 7.04 is to run the following commands:
> sudo rm /etc/ssh/ssh_host_*
> sudo dpkg-reconfigure openssh-server
> sudo ltsp-update-sshkeys
I ran the ssl upgrade provided via package manager on my dev-box
running Hardy and rebooted and found my thin clients locked out.
Bummer. Glad I didn't apply this against a production box.
Next I ran the commands Richard mentioned, but no joy there either. I
can log on to the box via the console but thin clients are locked out.
Anyone got a fix? Do I need to chroot to /opt/ltsp/ and rebuild the image??
Can we get an edubuntu specific fix figured out and posted to the wiki asap?
> edubuntu-users mailing list
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users
edubuntu-users mailing list
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/edubuntu-users