diff options
author | Colin Watson <cjwatson@ubuntu.com> | 2014-02-09 16:09:50 +0000 |
---|---|---|
committer | Colin Watson <cjwatson@debian.org> | 2014-02-09 16:17:31 +0000 |
commit | 8909ff0e3cd07d1b042d1be1c8b8828dbf6c9a83 (patch) | |
tree | ebee4092f1411059e34da6f66b4ebd64f4411020 /auth-rsa.c | |
parent | 07f2a771c490bd68cd5c5ea9c535705e93bd94f3 (diff) |
Reject vulnerable keys to mitigate Debian OpenSSL flaw
In 2008, Debian (and derived distributions such as Ubuntu) shipped an
OpenSSL package with a flawed random number generator, causing OpenSSH to
generate only a very limited set of keys which were subject to private half
precomputation. To mitigate this, this patch checks key authentications
against a blacklist of known-vulnerable keys, and adds a new ssh-vulnkey
program which can be used to explicitly check keys against that blacklist.
See CVE-2008-0166.
Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469
Last-Update: 2013-09-14
Patch-Name: ssh-vulnkey.patch
Diffstat (limited to 'auth-rsa.c')
-rw-r--r-- | auth-rsa.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/auth-rsa.c b/auth-rsa.c index 545aa496a..6ed152c5f 100644 --- a/auth-rsa.c +++ b/auth-rsa.c | |||
@@ -237,7 +237,7 @@ rsa_key_allowed_in_file(struct passwd *pw, char *file, | |||
237 | free(fp); | 237 | free(fp); |
238 | 238 | ||
239 | /* Never accept a revoked key */ | 239 | /* Never accept a revoked key */ |
240 | if (auth_key_is_revoked(key)) | 240 | if (auth_key_is_revoked(key, 0)) |
241 | break; | 241 | break; |
242 | 242 | ||
243 | /* We have found the desired key. */ | 243 | /* We have found the desired key. */ |