[Klug-general] SSL bug

Laurence Southon laurence at southon.uk.net
Thu May 22 09:52:24 BST 2008


Karl Lattimer wrote:
> 
> 
> You obviously don't understand the problem, this is a massive task to fix,
> updating the package is nothing, it's all of those ssl and ssh keys that
> need to be regenerated the thousands of man hours required to perform this
> task and the impending doom of hackers actively exploiting the leftover
> mess of the bug.
>

Yes, that's a lot of key pairs that need to be replaced. It's tedious
rather than difficult.

Just a word of caution to anyone updating a remote server: do be careful
in the order in which you do it. There's a risk of locking yourself out,
if you update SSH and then your old key gets rejected as vulnerable.

Regards,

Laurence Southon
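
A pre-flight check for the ordering caution above, as an added example that is not part of the original message: before updating SSH on a remote server, confirm that at least one key in authorized_keys will still be accepted afterwards. It assumes the updated server rejects keys by matching their MD5 fingerprint against a list; the function names, key blobs and rejected list below are all constructed for illustration.

```python
import base64
import hashlib

def md5_fingerprint(b64_blob):
    """Colon-free MD5 fingerprint of a base64-encoded public key blob."""
    return hashlib.md5(base64.b64decode(b64_blob)).hexdigest()

def parse_authorized_keys(text):
    """Yield (key_type, b64_blob, comment) per key line, skipping leading options."""
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split()
        # Options such as from="..." may precede the key type, so search for it.
        for i, field in enumerate(fields[:-1]):
            if field.startswith("ssh-"):
                yield field, fields[i + 1], " ".join(fields[i + 2:])
                break

def preflight(authorized_keys_text, rejected_fingerprints):
    """Split keys into (usable, rejected) lists of (comment, fingerprint)."""
    usable, rejected = [], []
    for _type, blob, comment in parse_authorized_keys(authorized_keys_text):
        try:
            fp = md5_fingerprint(blob)
        except ValueError:  # malformed base64: the line cannot log anyone in
            continue
        (rejected if fp in rejected_fingerprints else usable).append((comment, fp))
    return usable, rejected

def safe_to_update(authorized_keys_text, rejected_fingerprints):
    """True only if some key would still be accepted after the update."""
    usable, _ = preflight(authorized_keys_text, rejected_fingerprints)
    return bool(usable)

# Constructed sample data: these blobs are placeholders, not real SSH keys.
OLD = base64.b64encode(b"constructed-weak-key").decode()
NEW = base64.b64encode(b"constructed-replacement-key").decode()
REJECTED = {md5_fingerprint(OLD)}  # assumption: list of vulnerable fingerprints
BEFORE = f"ssh-rsa {OLD} admin@old\n"
AFTER = BEFORE + f'from="10.0.0.1" ssh-rsa {NEW} admin@new\n'

if __name__ == "__main__":
    print("only the old key installed:", safe_to_update(BEFORE, REJECTED))
    print("replacement key added first:", safe_to_update(AFTER, REJECTED))
```

Run against the real authorized_keys of every account you log in with, and install and test a replacement key before updating if the check fails.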


