Paul Johnson wrote:
> Debian/Ubuntu systems that had the ssh key flaw last year? If a key
> was generated on those systems, my understanding is that open ssh
> will reject it for security reasons.
I don't think the Fedora packages rejected such keys by default. I
know that Debian and Ubuntu's packages contain patches which implement
a partial blacklist of keys that are checked. I don't think that's
upstream or in the Fedora packages though. (I checked by grepping for
blacklist in the the F-10 branch of openssh.)
--
Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Democracy is the theory that the common people know what they want,
and deserve to get it good and hard.
-- H.L. Mencken, "Little Book in C major", 1916
Attachment:
pgpMoXTrBiYYQ.pgp
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines
