05/16/2008
SSH security changes

It was recently discovered that Debian Linux had modified SSL encryption to inadvertently generate weak keys from 2006 until very recently. SSH on DragonFly now includes a tool to check for this issue, and will deny people using those weak keys.

Categories Committed Code
«Synchronizing releases
Code comparison for multiple kernels »

2 Responses to “SSH security changes”

Track Responses to This Entry With the RSS Feed Send a Trackback Write a Response

  1. 1Matt on May 17, 2008 at 5:15 pm:

    I think the Debian developers actually modified the OpenSSL package, which is used by OpenSSH (the post says “[...] had modified SSH [...]“). It didn’t sound like any direct modifications to the OpenSSH package contributed to the problem. The “Debian: Guaranteed Entropy” picture is awesome, though. lol

  2. 2justin on May 17, 2008 at 7:03 pm:

    Yeah, good point - I changed the wording to match.

Leave a Reply

Name Email Website URI