Re: openssl vulnerability and RSA keys
Ross Boylan <[EMAIL PROTECTED]> writes: > > The recent security advisory for Debian's version of openssl says that > you should regenerate all keys, and that DSA keys should be considered > compromised. > > Does this mean that RSA keys for openssh should not be considered > compromised? If so, why the need to regenerate them? To clarify, *all* SSH keys, whether DSA or RSA, generated using the bad version of OpenSSL are garbage: they are easily guessable. Furthermore, as I read the advisories and other sources, because of the way DSA keys are used, even strong DSA keys (generated by good versions of OpenSSL) are compromised if they were used locally with the bad OpenSSL. "Locally" here means that the strong DSA key was used on the same side of the connection as the bad OpenSSL: if you used a user DSA key to "ssh" to a remote server and your local OpenSSL library was bad, or if a server DSA key was used by "sshd" to accept a remote connection and the server's OpenSSL library was bad, then the respective key is compromised (even if it was a strong key generated by a good OpenSSL library). "Compromised" means that anyone who intercepted and saved such an SSH conversation can now use this new knowledge of the OpenSSL vulnerability to recover the private DSA key from the connection data. At least, that's how I've interpreted what I've heard. -- Kevin Buhr <[EMAIL PROTECTED]> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: openssl vulnerability and RSA keys
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 On 05/13/08 19:36, Nelson Castillo wrote: > On Tue, May 13, 2008 at 7:05 PM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: >> On May 13, 2:20 pm, Ross Boylan <[EMAIL PROTECTED]> wrote: >> > Does this mean that RSA keys for openssh should not be considered >> > compromised? If so, why the need to regenerate them? >> >> On our systems the dowkd.pl script found weak DSA and RSA keys, both >> as host keys, and as user-generated keypairs. We've regenerated the >> RSA keys as well. > > ~$ ./dowkd.pl user nelson > /home/nelson/.ssh/authorized_keys:1: weak key > /home/nelson/.ssh/id_rsa.pub:1: warning: no suitable blacklist $ ./dowkd.pl user me $ I think I generated my keys long-enough ago that they aren't broken. - -- Ron Johnson, Jr. Jefferson LA USA We want... a Shrubbery!! -BEGIN PGP SIGNATURE- Version: GnuPG v1.4.6 (GNU/Linux) iD8DBQFIKkYnS9HxQb37XmcRAtUEAKDHhx1sS9M3a6Eyu1GtXX+YYtv3NwCfXgxU fTInSLMWPd+8amsUCHSBpxs= =y5oG -END PGP SIGNATURE- -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: openssl vulnerability and RSA keys
On Tue, May 13, 2008 at 7:05 PM, [EMAIL PROTECTED] <[EMAIL PROTECTED]> wrote: > On May 13, 2:20 pm, Ross Boylan <[EMAIL PROTECTED]> wrote: > > Does this mean that RSA keys for openssh should not be considered > > compromised? If so, why the need to regenerate them? > > On our systems the dowkd.pl script found weak DSA and RSA keys, both > as host keys, and as user-generated keypairs. We've regenerated the > RSA keys as well. ~$ ./dowkd.pl user nelson /home/nelson/.ssh/authorized_keys:1: weak key /home/nelson/.ssh/id_rsa.pub:1: warning: no suitable blacklist Fortunately I've had sshd turned off for some time. Ops... N.- -- http://arhuaco.org -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
Re: openssl vulnerability and RSA keys
On May 13, 2:20 pm, Ross Boylan <[EMAIL PROTECTED]> wrote: > Does this mean that RSA keys for openssh should not be considered > compromised? If so, why the need to regenerate them? On our systems the dowkd.pl script found weak DSA and RSA keys, both as host keys, and as user-generated keypairs. We've regenerated the RSA keys as well. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
openssl vulnerability and RSA keys
The recent security advisory for Debian's version of openssl says that you should regenerate all keys, and that DSA keys should be considered compromised. Does this mean that RSA keys for openssh should not be considered compromised? If so, why the need to regenerate them? Thanks. Ross Boylan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]