Paul Johnson wrote: > Debian/Ubuntu systems that had the ssh key flaw last year? If a key > was generated on those systems, my understanding is that open ssh > will reject it for security reasons. I don't think the Fedora packages rejected such keys by default. I know that Debian and Ubuntu's packages contain patches which implement a partial blacklist of keys that are checked. I don't think that's upstream or in the Fedora packages though. (I checked by grepping for blacklist in the the F-10 branch of openssh.) -- Todd OpenPGP -> KeyID: 0xBEAF0CE3 | URL: www.pobox.com/~tmz/pgp ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Democracy is the theory that the common people know what they want, and deserve to get it good and hard. -- H.L. Mencken, "Little Book in C major", 1916
Attachment:
pgpMoXTrBiYYQ.pgp
Description: PGP signature
-- fedora-list mailing list fedora-list@xxxxxxxxxx To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list Guidelines: http://fedoraproject.org/wiki/Communicate/MailingListGuidelines