summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--debian/changelog2
-rw-r--r--ssh-vulnkey.14
-rw-r--r--ssh-vulnkey.c2
3 files changed, 5 insertions, 3 deletions
diff --git a/debian/changelog b/debian/changelog
index e14cb2a26..7978dcfb8 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -56,6 +56,8 @@ openssh (1:4.7p1-11) UNRELEASED; urgency=low
56 problems. 56 problems.
57 - Drop to the user's UID when reading user keys with -a. 57 - Drop to the user's UID when reading user keys with -a.
58 - Use EUID rather than UID when run with no file names and without -a. 58 - Use EUID rather than UID when run with no file names and without -a.
59 - Reword "Unknown (no blacklist information)" to "Unknown (blacklist
60 file not installed)".
59 61
60 -- Colin Watson <cjwatson@debian.org> Sat, 17 May 2008 08:48:45 +0200 62 -- Colin Watson <cjwatson@debian.org> Sat, 17 May 2008 08:48:45 +0200
61 63
diff --git a/ssh-vulnkey.1 b/ssh-vulnkey.1
index f8a575fe2..bcb9d31c6 100644
--- a/ssh-vulnkey.1
+++ b/ssh-vulnkey.1
@@ -94,7 +94,7 @@ looks like this:
94.Bd -literal -offset indent 94.Bd -literal -offset indent
95/etc/ssh/ssh_host_key:1: COMPROMISED: RSA1 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx root@host 95/etc/ssh/ssh_host_key:1: COMPROMISED: RSA1 2048 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx root@host
96/home/user/.ssh/id_dsa:1: Not blacklisted: DSA 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx /home/user/.ssh/id_dsa.pub 96/home/user/.ssh/id_dsa:1: Not blacklisted: DSA 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx /home/user/.ssh/id_dsa.pub
97/home/user/.ssh/authorized_keys:3: Unknown (no blacklist information): RSA 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx user@host 97/home/user/.ssh/authorized_keys:3: Unknown (blacklist file not installed): RSA 1024 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx user@host
98.Ed 98.Ed
99.Pp 99.Pp
100Each line is of the following format (any lines beginning with 100Each line is of the following format (any lines beginning with
@@ -120,7 +120,7 @@ may be used safely.
120(Note that DSA keys used with the broken version of OpenSSL distributed 120(Note that DSA keys used with the broken version of OpenSSL distributed
121by Debian may be compromised in the event that anyone captured a network 121by Debian may be compromised in the event that anyone captured a network
122trace, even if they were generated with a secure version of OpenSSL.) 122trace, even if they were generated with a secure version of OpenSSL.)
123.It Unknown (no blacklist file) 123.It Unknown (blacklist file not installed)
124No blacklist file exists for this key type and size. 124No blacklist file exists for this key type and size.
125You should find a suitable published blacklist and install it before 125You should find a suitable published blacklist and install it before
126deciding whether this key is safe to use. 126deciding whether this key is safe to use.
diff --git a/ssh-vulnkey.c b/ssh-vulnkey.c
index 0ac08dc2b..e0e3f4c2f 100644
--- a/ssh-vulnkey.c
+++ b/ssh-vulnkey.c
@@ -108,7 +108,7 @@ do_key(const char *filename, u_long linenum,
108 blacklist_status = blacklisted_key(public); 108 blacklist_status = blacklisted_key(public);
109 if (blacklist_status == -1) 109 if (blacklist_status == -1)
110 describe_key(filename, linenum, 110 describe_key(filename, linenum,
111 "Unknown (no blacklist information)", key, comment, 0); 111 "Unknown (blacklist file not installed)", key, comment, 0);
112 else if (blacklist_status == 1) { 112 else if (blacklist_status == 1) {
113 describe_key(filename, linenum, 113 describe_key(filename, linenum,
114 "COMPROMISED", key, comment, 0); 114 "COMPROMISED", key, comment, 0);