[Gllug] Debian / Ubuntu SSL vulnerability
James Holland
holland.james at yahoo.co.uk
Wed May 14 10:41:03 UTC 2008
On Wed, 2008-05-14 at 10:57 +0100, John Winters wrote:
> Looking at the Ubuntu notifications it seems that they have already done
> much the same. Although a worthy catch-all, the problem I see with this
> is that if you have a headless or remote box then applying the update
> could easily lock you out of it entirely.
Thanks for this. I just upgraded my Ubuntu Hardy PC and generated new
keys before updating my authorized_keys files. Running ssh-vulnkey on my
old key showed that it was COMPROMISED!
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list