Reading more, this is a pretty scary bug. Here is a link to the original security advisory: http://www.us.debian.org/security/2008/dsa-1571
The detection tool was kinda tricky to figure out how to use so more info is here: http://wiki.debian.org/SSLkeys#head-45e521140d6b8f2a0f96a115a5fc616c4f1baf0b So running the detection script, using myself as an example, you want to see something like this: $ perl dowkd.pl user notice: creating database, please wait /home/me/.ssh/known_hosts:1: 2048 bits DSA key not recommended /home/me/.ssh/known_hosts:9: 2048 bits DSA key not recommended /home/me/.ssh/known_hosts:10: 2048 bits DSA key not recommended /home/me/.ssh/known_hosts:36: 2048 bits DSA key not recommended /home/me/.ssh/known_hosts:90: 512 bits DSA key not recommended /home/me/.ssh/known_hosts:93: 2048 bits DSA key not recommended /home/me/.ssh/known_hosts:97: 2048 bits DSA key not recommended summary: keys found: 99, weak keys: 0 A good write up here as well: http://metasploit.com/users/hdm/tools/debian-openssl/ - Julian --- Peter Besenbruch <[EMAIL PROTECTED]> wrote: > On Tuesday 13 May 2008 13:07:47 David Kiwerski wrote: > > Interesting - I just upgraded my Mepis on this machine with > an ssh/ssl > > update. Is the update no good? > > Debian usually announces the updates several days after > actually posting them. > If you use Synaptic, it's easy to check the changelog of the > package. > -- > Hawaiian Astronomical Society: http://www.hawastsoc.org > HAS Deepsky Atlas: http://www.hawastsoc.org/deepsky > _______________________________________________ > LUAU@lists.hosef.org mailing list > http://lists.hosef.org/listinfo.cgi/luau-hosef.org > _______________________________________________ LUAU@lists.hosef.org mailing list http://lists.hosef.org/listinfo.cgi/luau-hosef.org