[Python-Dev] heads up on svn.python.org ssh keys - debian/ubuntu users may need new ones (original) (raw)
Guilherme Polo ggpolo at gmail.com
Tue May 13 20:45:02 CEST 2008
- Previous message: [Python-Dev] heads up on svn.python.org ssh keys - debian/ubuntu users may need new ones
- Next message: [Python-Dev] heads up on svn.python.org ssh keys - debian/ubuntu users may need new ones
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
2008/5/13 Gregory P. Smith <greg at krypto.org>:
Heads up.
Debian screwed up. As a result all ssh and ssl keys generated in the last 18 months on debian and ubuntu systems may be compromised due to not using a good random number generator seed. http://lists.debian.org/debian-security-announce/2008/msg00152.html and http://www.links.org/?p=327 If you generated your python subversion ssh key during this time on a machine fitting the description above, please consider replacing your keys. apt-get update ; apt-get upgrade on debian will provide you with a ssh-vulnkey program that can be used to test if your ssh keys are valid or not.
Thanks for pointing it out Gregory.
ssh-vulnkey says most of my keys are compromised, including the one used for python's svn.
-gps
Python-Dev mailing list Python-Dev at python.org http://mail.python.org/mailman/listinfo/python-dev Unsubscribe: http://mail.python.org/mailman/options/python-dev/ggpolo%40gmail.com
-- -- Guilherme H. Polo Goncalves
- Previous message: [Python-Dev] heads up on svn.python.org ssh keys - debian/ubuntu users may need new ones
- Next message: [Python-Dev] heads up on svn.python.org ssh keys - debian/ubuntu users may need new ones
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]