summaryrefslogtreecommitdiff
path: root/ssh-vulnkey.1
AgeCommit message (Collapse)Author
2008-05-25Check for blacklists in /usr/share/ssh/ as well as /etc/ssh/ (seeColin Watson
#481283).
2008-05-17Check RSA1 keys without the need for a separate blacklist. Thanks toColin Watson
Simon Tatham for the idea.
2008-05-14Add a FILES section to ssh-vulnkey(1) (thanks, Hugh Daniel).Colin Watson
2008-05-12* Mitigate OpenSSL security vulnerability:Colin Watson
- Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.)
generated by cgit v1.2.3 (git 2.39.1) at 2024-09-21 11:32:05 +0000