diff options
| author | Colin Watson <cjwatson@debian.org> | 2008-05-17 07:48:57 +0000 |
|---|---|---|
| committer | Colin Watson <cjwatson@debian.org> | 2008-05-17 07:48:57 +0000 |
| commit | 1f920ffc4c4f933e3c4e8c474460385fea131266 (patch) | |
| tree | 7c23ed1becb8b315640229ad8eb18405b532151a /ssh-vulnkey.1 | |
| parent | 7eb2c79966e70e03a1ecbdf9077d64299241bd3a (diff) | |
Check RSA1 keys without the need for a separate blacklist. Thanks to
Simon Tatham for the idea.
Diffstat (limited to 'ssh-vulnkey.1')
| -rw-r--r-- | ssh-vulnkey.1 | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/ssh-vulnkey.1 b/ssh-vulnkey.1 index 41de104de..73570fcad 100644 --- a/ssh-vulnkey.1 +++ b/ssh-vulnkey.1 | |||
| @@ -166,13 +166,15 @@ If present, contains the protocol version 1 RSA identity of the system. | |||
| 166 | .It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH | 166 | .It Pa /etc/ssh/blacklist. Ns Ar TYPE Ns Pa - Ns Ar LENGTH |
| 167 | If present, lists the blacklisted keys of type | 167 | If present, lists the blacklisted keys of type |
| 168 | .Ar TYPE | 168 | .Ar TYPE |
| 169 | .Pf ( Dq RSA1 , | 169 | .Pf ( Dq RSA |
| 170 | .Dq RSA , | ||
| 171 | or | 170 | or |
| 172 | .Dq DSA ) | 171 | .Dq DSA ) |
| 173 | and bit length | 172 | and bit length |
| 174 | .Ar LENGTH . | 173 | .Ar LENGTH . |
| 175 | The format of this file is described above. | 174 | The format of this file is described above. |
| 175 | RSA1 keys are converted to RSA before being checked in the blacklist. | ||
| 176 | Note that the fingerprints of RSA1 keys are computed differently, so you | ||
| 177 | will not be able to find them in the blacklist by hand. | ||
| 176 | .El | 178 | .El |
| 177 | .Sh SEE ALSO | 179 | .Sh SEE ALSO |
| 178 | .Xr ssh-keygen 1 , | 180 | .Xr ssh-keygen 1 , |