Package: openssh-client
Version: 1:4.3p2-9etch1
Severity: normal

When options are used in an authorized_keys file, ssh-vulnkey fails to identify the key as being vulnerable to DSA-1576. This example reproduces it with a known bad key:

gateway:~# ssh-vulnkey bad_key.pub
COMPROMISED: 2048 99:9c:fe:67:a5:eb:1f:54:06:85:a2:43:0e:ad:0b:c6 bad_key.pub
gateway:~# ssh-vulnkey bad_bad_key.pub
gateway:~# diff bad_key.pub bad_bad_key.pub
1c1
< ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEArnzR8H6UAFTVWMmxYwbNaCRm656cPiskUPueovqGhzOtAErRQJxvmaoxDcyBBHVb0y7qUchVI4EWW0Z/lf20jppQIrIAFcLjUuU4y4mqaMVuU1RM0VdKj7jaM8JYvU1/8kGFMtFFQWcbRfihd2y+EbwxyRaNp6GCCC2EoqXZSy2RlrGtvMiUp41Lie50aV5Mj0DkLfICTNVxj20gedbYn6K45ybYe2lGDqwDCY9j6FWj9taUW7CIbVsV+oJWzZXhMuwbUwc6hNDqyqHaeTyaj2bmI6QyFJhlbiCyUtYIyOfgc0VO1dCuWr9/qPZxbAjY28T14lFHlS/0oambyA9how== [EMAIL PROTECTED]
---
> command="/usr/bin/cvs
> server",no-port-forwarding,no-pty,no-X11-forwarding,no-agent-forwarding
> ssh-rsa
> AAAAB3NzaC1yc2EAAAABIwAAAQEArnzR8H6UAFTVWMmxYwbNaCRm656cPiskUPueovqGhzOtAErRQJxvmaoxDcyBBHVb0y7qUchVI4EWW0Z/lf20jppQIrIAFcLjUuU4y4mqaMVuU1RM0VdKj7jaM8JYvU1/8kGFMtFFQWcbRfihd2y+EbwxyRaNp6GCCC2EoqXZSy2RlrGtvMiUp41Lie50aV5Mj0DkLfICTNVxj20gedbYn6K45ybYe2lGDqwDCY9j6FWj9taUW7CIbVsV+oJWzZXhMuwbUwc6hNDqyqHaeTyaj2bmI6QyFJhlbiCyUtYIyOfgc0VO1dCuWr9/qPZxbAjY28T14lFHlS/0oambyA9how==
> [EMAIL PROTECTED]

Regards,

-Brett.

-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-6-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)

Versions of packages openssh-client depends on:
ii  add  3.102                                 Add and remove users and groups
ii  deb  1.5.11etch1                           Debian configuration management sy
ii  dpk  1.13.25                               package maintenance system for Deb
ii  lib  2.3.6.ds1-13etch4                     GNU C Library: Shared libraries
ii  lib  1.39+1.40-WIP-2006.11.14+dfsg-2etch1  common error description library
ii  lib  2.9.cvs.20050518-2.2                  BSD editline and history libraries
ii  lib  1.4.4-7etch4                          MIT Kerberos runtime libraries
ii  lib  5.5-5                                 Shared libraries for terminal hand
ii  lib  0.9.8c-4etch3                         SSL shared libraries
ii  pas  1:4.0.18.1-7                          change and administer password and
ii  zli  1:1.2.3-13                            compression library - runtime

openssh-client recommends no packages.

-- no debconf information
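
The behaviour the report expects, sketched as an added example (not code from the report or from ssh-vulnkey itself): skip a leading, quote-aware options field on an authorized_keys line so the same key yields the same MD5 fingerprint with or without options. The function names and the sample key blob are constructed for illustration; the blob is not a real key and not the key from the report.

```python
import base64, hashlib, struct

KEY_TYPES = {"ssh-rsa", "ssh-dss"}

def skip_options(line):
    """Return the index just past a leading options field (quote-aware)."""
    in_quote, i = False, 0
    while i < len(line):
        c = line[i]
        if c == "\\" and in_quote and line[i + 1:i + 2] == '"':
            i += 2                      # escaped quote inside a quoted value
            continue
        if c == '"':
            in_quote = not in_quote
        elif c in " \t" and not in_quote:
            break                       # first unquoted blank ends the options
        i += 1
    if in_quote:
        raise ValueError("unterminated quote in options")
    return i

def parse_entry(line):
    """Split an authorized_keys line into (options, keytype, blob_bytes)."""
    line = line.strip()
    if not line or line.startswith("#"):
        return None
    options = ""
    if line.split(None, 1)[0] not in KEY_TYPES:
        end = skip_options(line)
        options, line = line[:end], line[end:].lstrip()
    fields = line.split()
    if len(fields) < 2 or fields[0] not in KEY_TYPES:
        raise ValueError("no key found after options")
    blob = base64.b64decode(fields[1], validate=True)
    # The blob begins with a length-prefixed copy of the key type name.
    (n,) = struct.unpack(">I", blob[:4])
    if blob[4:4 + n] != fields[0].encode():
        raise ValueError("key type does not match blob")
    return options, fields[0], blob

def fingerprint(blob):
    """MD5 fingerprint as colon-separated hex, the form ssh-vulnkey prints."""
    d = hashlib.md5(blob).hexdigest()
    return ":".join(d[i:i + 2] for i in range(0, 32, 2))

def ssh_string(b):
    return struct.pack(">I", len(b)) + b

# Constructed sample blob: type name, exponent, dummy modulus bytes.
SAMPLE_BLOB = ssh_string(b"ssh-rsa") + ssh_string(b"\x23") + ssh_string(bytes(range(33)))
SAMPLE_B64 = base64.b64encode(SAMPLE_BLOB).decode()
BARE = "ssh-rsa %s user@example" % SAMPLE_B64
WITH_OPTS = 'command="/usr/bin/cvs server",no-port-forwarding,no-pty ' + BARE
```

A checker that looks up `fingerprint(blob)` in its blacklist only after `parse_entry` has stripped the options would report both forms of the line identically.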