summaryrefslogtreecommitdiff
path: root/regress/test-exec.sh
diff options
context:
space:
mode:
authorColin Watson <cjwatson@debian.org>2008-05-12 23:33:01 +0000
committerColin Watson <cjwatson@debian.org>2008-05-12 23:33:01 +0000
commit47608c17e64138f8d16aa2bdc49a0eb00e1c3549 (patch)
tree92572d90b9aa8f45c0d9e6dbb185065667fdcea0 /regress/test-exec.sh
parent19ccea525446d5a3c2a176d813c505be81b91cbf (diff)
* Mitigate OpenSSL security vulnerability:
- Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.)
Diffstat (limited to 'regress/test-exec.sh')
0 files changed, 0 insertions, 0 deletions