From 8909ff0e3cd07d1b042d1be1c8b8828dbf6c9a83 Mon Sep 17 00:00:00 2001
From: Colin Watson <cjwatson@ubuntu.com>
Date: Sun, 9 Feb 2014 16:09:50 +0000
Subject: Reject vulnerable keys to mitigate Debian OpenSSL flaw

In 2008, Debian (and derived distributions such as Ubuntu) shipped an
OpenSSL package with a flawed random number generator, causing OpenSSH to
generate only a very limited set of keys which were subject to private half
precomputation.  To mitigate this, this patch checks key authentications
against a blacklist of known-vulnerable keys, and adds a new ssh-vulnkey
program which can be used to explicitly check keys against that blacklist.
See CVE-2008-0166.

Bug: https://bugzilla.mindrot.org/show_bug.cgi?id=1469
Last-Update: 2013-09-14

Patch-Name: ssh-vulnkey.patch
---
 ssh.1 | 1 +
 1 file changed, 1 insertion(+)

(limited to 'ssh.1')

diff --git a/ssh.1 b/ssh.1
index 62292cc09..66a7007d7 100644
--- a/ssh.1
+++ b/ssh.1
@@ -1447,6 +1447,7 @@ if an error occurred.
 .Xr ssh-agent 1 ,
 .Xr ssh-keygen 1 ,
 .Xr ssh-keyscan 1 ,
+.Xr ssh-vulnkey 1 ,
 .Xr tun 4 ,
 .Xr hosts.equiv 5 ,
 .Xr ssh_config 5 ,
-- 
cgit v1.2.3