Debian OpenSSL

Posted Fri 16 May 2008 20:20 under category tips

Sorry readers, no *nix Tip of the Day today. Just a brief word about the recent Debian OpenSSL vulnerability.

I'm sure you've heard about Debian's OpenSSL "Disaster". The short of it is that while fixing a questionable line in the OpenSSL/OpenSSH key generator, the Debian maintainer accidentally removed most of its entropy generation ability. Debian users with OpenSSL and/or OpenSSH keys should go regenerate them now. I'll wait.

Anyhow, the other interesting thing I wanted to post about was this. It's some interesting math showing why you shouldn't be using DSA keys anyway.

Oh yeah, and I'm done with classes and finals now. :-)


Comments