openssh.git -

Age	Commit message (Collapse)	Author
2008-05-25	Add -v (verbose) option to ssh-vulnkey, and don't print output for keys	Colin Watson
	that have a blacklist file but that are not listed unless in verbose mode (thanks, Hugh Daniel).
2008-05-25	Check for blacklists in /usr/share/ssh/ as well as /etc/ssh/ (see	Colin Watson
	#481283).
2008-05-25	Make ssh-vulnkey report the file name and line number for each key	Colin Watson
	(thanks, Heiko Schlittermann and Christopher Perry; closes: #481398).
2008-05-17	Check RSA1 keys without the need for a separate blacklist. Thanks to	Colin Watson
	Simon Tatham for the idea.
2008-05-14	ssh-vulnkey handles options in authorized_keys (LP: #230029).	Colin Watson

2008-05-12	* Mitigate OpenSSL security vulnerability:	Colin Watson
	- Add key blacklisting support. Keys listed in /etc/ssh/blacklist.TYPE-LENGTH will be rejected for authentication by sshd, unless "PermitBlacklistedKeys yes" is set in /etc/ssh/sshd_config. - Add a new program, ssh-vulnkey, which can be used to check keys against these blacklists. - Depend on openssh-blacklist. - Force dependencies on libssl0.9.8 / libcrypto0.9.8-udeb to at least 0.9.8g-9. - Automatically regenerate known-compromised host keys, with a critical-priority debconf note. (I regret that there was no time to gather translations.)