summaryrefslogtreecommitdiff
AgeCommit message (Collapse)Author
2008-05-26Add key type to ssh-vulnkey output.Colin Watson
2008-05-26Document ssh-vulnkey key status descriptions (thanks, Hugh Daniel).Colin Watson
2008-05-25Move ssh-vulnkey's exit status documentation to a separate sectionColin Watson
(thanks, Hugh Daniel).
2008-05-25Add -v (verbose) option to ssh-vulnkey, and don't print output for keysColin Watson
that have a blacklist file but that are not listed unless in verbose mode (thanks, Hugh Daniel).
2008-05-25Log IP addresses of hosts attempting to use blacklisted keys (closes:Colin Watson
#481721).
2008-05-25update for new blacklisted_key interfaceColin Watson
2008-05-25Update Italian (thanks, Luca Monducci; closes: #482808).Colin Watson
2008-05-25Update Swedish (thanks, Martin Bagge; closes: #482464).Colin Watson
2008-05-25Restore OOM killer adjustment for child processes (thanks, Vaclav Ovsik;Colin Watson
closes: #480020).
2008-05-25ensure executabilityColin Watson
2008-05-25Remove 0 and 6 from Default-Stop in init script (thanks, Kel Modderman;Colin Watson
closes: #481151).
2008-05-25Make init script depend on $syslog, and fix some other dependencyColin Watson
glitches (thanks, Petter Reinholdtsen; closes: #481018).
2008-05-25Update Russian (thanks, Yuri Kozlov; closes: #482887).Colin Watson
2008-05-25Check for blacklists in /usr/share/ssh/ as well as /etc/ssh/ (seeColin Watson
#481283).
2008-05-25Make ssh-vulnkey report the file name and line number for each keyColin Watson
(thanks, Heiko Schlittermann and Christopher Perry; closes: #481398).
2008-05-25recommending openssh-blacklist closes: #481187Colin Watson
2008-05-25 - Update Turkish (thanks, Mert Dirik; closes: #482548).Colin Watson
2008-05-21Update Spanish (thanks, Javier Fernandez-Sanguino Peña; closes:Colin Watson
#482341).
2008-05-21Recommend openssh-blacklist-extra from openssh-client andColin Watson
openssh-server.
2008-05-21Recommend openssh-blacklist from openssh-client.Colin Watson
2008-05-20Generate two keys with the PID forced to the same value and test thatColin Watson
they differ, to defend against recurrences of the recent Debian OpenSSL vulnerability.
2008-05-19Update Vietnamese (thanks, Clytie Siddall; closes: #481876).Colin Watson
2008-05-19Update Bulgarian (thanks, Damyan Ivanov; closes: #481870).Colin Watson
2008-05-19Update Basque (thanks, Piarres Beobide; closes: #481836).Colin Watson
2008-05-18sync changelog credit with Last-TranslatorColin Watson
2008-05-18Update Portuguese (thanks, Rui Branco; closes: #481781).Colin Watson
2008-05-18Update German (thanks, Helge Kreutzmann; closes: #481676).Colin Watson
2008-05-17Update Czech (thanks, Miroslav Kure; closes: #481624).Colin Watson
2008-05-17update Finnish againColin Watson
2008-05-17Update Japanese (thanks, Kenshi Muto; closes: #481621).Colin Watson
2008-05-17Update Galician (thanks, Jacobo Tarrio; closes: #481596).Colin Watson
2008-05-17Update Norwegian Bokmål (thanks, Bjørn Steensrud; closes: #481591).Colin Watson
2008-05-17Update French (thanks, Christian Perrier; closes: #481576).Colin Watson
2008-05-17Check RSA1 keys without the need for a separate blacklist. Thanks toColin Watson
Simon Tatham for the idea.
2008-05-17update Finnish translationColin Watson
2008-05-17debconf-updatepoColin Watson
2008-05-17${HOST_KEYS} not translatableColin Watson
2008-05-17Fix typo in ssh/vulnerable_host_keys message (thanks, Esko Arajärvi).Colin Watson
2008-05-14releasing version 1:4.7p1-10Colin Watson
2008-05-14clarifyColin Watson
2008-05-14ssh-vulnkey handles options in authorized_keys (LP: #230029).Colin Watson
2008-05-14ignore debian/*.debhelper.logColin Watson
2008-05-14Add a FILES section to ssh-vulnkey(1) (thanks, Hugh Daniel).Colin Watson
2008-05-13releasing version 1:4.7p1-9Colin Watson
2008-05-13changed ssh-vulnkey outputColin Watson
2008-05-13update from mdzColin Watson
2008-05-13compressionColin Watson
2008-05-13add repair instructions from MattColin Watson
2008-05-13add CVE identifier for OpenSSL vulnerabilityColin Watson
2008-05-12* Mitigate OpenSSL security vulnerability:Colin Watson
- Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.)