[ale] Debian Security Advisory...
Jim Popovitch
yahoo at jimpop.com
Wed May 14 06:31:53 EDT 2008
On Wed, May 14, 2008 at 1:07 PM, Jim Philips <philips_jim at bellsouth.net> wrote:
> On Wednesday 14 May 2008 02:04:07 am Brian Pitts wrote:
>> Jim Popovitch wrote:
>> > Further to all this (and top posted to gain maximum attention), Debian
>> > and Ubuntu users need to MANUALLY regenerate ssh HOST keys
>> > (/etc/ssh/ssh_host_*key*)
>>
>> I don't think Ubuntu users do. After applying the updates to Ubuntu 7.10
>
> I don't think Hardy Heron users do either...if they update today. This
> morning, I was greeted to updates on everything related to SSL host keys. The
> update included a black list.
Yeah, it seems Ubuntu re-generated host keys for you. I guess Debian
was being a bit more cautious. Of course, I see that there is now a
2nd Debian openssh-server/client update within 24 hours.... Geeze.
-Jim P.
More information about the Ale
mailing list