Package: openssh-client Version: 1:4.7p1-10 Severity: important Tags: security X-Debbugs-CC: [EMAIL PROTECTED]
--- Please enter the report below this line. --- I have the packages openssh-blacklist and openssh-blacklist-extra installed. If I run "ssh-vulnkey -a" I get no output, either by running it as user or as root. Nevertheless: # perl dowkd.pl user /home/username/.ssh/known_hosts:1: weak key (OpenSSH/rsa/2048) /home/username/.ssh/known_hosts:2: weak key (OpenSSH/rsa/2048) summary: keys found: 2, weak keys: 2 I am deleting the file /home/username/.ssh/known_hosts right now, so I am afraid it will not be available for debugging :-( --- System information. --- Architecture: i386 Kernel: Linux 2.6.24-1-686 Debian Release: lenny/sid 990 unstable www.debian-multimedia.org 990 unstable ftp.uk.debian.org 500 stable dl.google.com 500 experimental www.debian-multimedia.org 1 experimental ftp.uk.debian.org --- Package information. --- Depends (Version) | Installed =======================================-+-======================== libc6 (>= 2.7-1) | 2.7-11 libcomerr2 (>= 1.33-3) | 1.40.8-2 libedit2 (>= 2.5.cvs.20010821-1) | 2.9.cvs.20050518-4 libkrb53 (>= 1.6.dfsg.2) | 1.6.dfsg.3-2 libncurses5 (>= 5.6+20071006-3) | 5.6+20080503-1 libssl0.9.8 (>= 0.9.8g-9) | 0.9.8g-10 zlib1g (>= 1:1.1.4) | 1:1.2.3.3.dfsg-12 debconf (>= 1.2.0) | 1.5.22 OR debconf-2.0 | adduser (>= 3.10) | 3.107 dpkg (>= 1.7.0) | 1.14.19 passwd | 1:4.1.1-1