[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: SSH user key authentication failing in f10



Paul Johnson wrote:
> Debian/Ubuntu systems that had the ssh key flaw last year?  If a key
> was generated on those systems,  my understanding is that open ssh
> will reject it for security reasons.

I don't think the Fedora packages rejected such keys by default.  I
know that Debian and Ubuntu's packages contain patches which implement
a partial blacklist of keys that are checked.  I don't think that's
upstream or in the Fedora packages though.  (I checked by grepping for
blacklist in the the F-10 branch of openssh.)

-- 
Todd        OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Democracy is the theory that the common people know what they want,
and deserve to get it good and hard.
    -- H.L. Mencken, "Little Book in C major", 1916

Attachment: pgpFgIYRPmUb3.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]