blob: 581d719562b3c5a2ff093ca9ff35516334a3592d (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
|
# These templates have been reviewed by the debian-l10n-english
# team
#
# If modifications/additions/rewording are needed, please ask
# for an advice to debian-l10n-english@lists.debian.org
#
# Even minor modifications require translation updates and such
# changes should be coordinated with translators and reviewers.
#
Template: ssh/vulnerable_host_keys
Type: note
#flag:translate!:5
_Description: Vulnerable host keys will be regenerated
Some of the OpenSSH server host keys on this system were generated with a
version of OpenSSL that had a broken random number generator. As a result,
these host keys are from a well-known set, are subject to brute-force
attacks, and must be regenerated.
.
Users of this system should be informed of this change, as they will be
prompted about the host key change the next time they log in. Use
'ssh-keygen -l -f HOST_KEY_FILE' after the upgrade to print the
fingerprints of the new host keys.
.
The affected host keys are:
.
${HOST_KEYS}
.
User keys may also be affected by this problem. The 'ssh-vulnkey' command
may be used as a partial test for this. See
/usr/share/doc/openssh-server/README.compromised-keys.gz for more details.
|