[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: reset ssh keys, even if only a public key in fedora?



On Tue, 2008-08-19 at 16:04 +0200, Patrice Dumas wrote:
> Hello,
> 
> I just received the reset password mail, and it asks me to reset my ssh 
> key by doing ssh-keygen. However, if I recall well I only uploaded my 
> public key to the fedora server. Why would I want to reset my key pair?
> 
> Maybe I am not one of the users who should reset their key, but I am
> almost sure that I sent the public key to the fedora server, and it
> seems to me that it is used for cvs access. So it is unclear if
> I 'do not use a SSH key in the Fedora Account System'.
> 
> Am I missing something? Can anybody clarify?

DSA keys can be compromised if the server you connect to is compromised.
See discussions about the recent openssl debacle for debian.

If your key is an RSA one, to date it seem you shouldn't have problems
even if a peer server is compromised as long as your private key was not
directly exposed.

a BIG AFAIK.

Simo.

-- 
Simo Sorce * Red Hat, Inc * New York


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]