Bug#481336: openssh-blacklist: provide blacklist for RSA 4096

2008-05-18 Thread Colin Watson
On Sun, May 18, 2008 at 02:16:31PM +0200, Vincent Danjean wrote: > Colin Watson wrote: > > On Fri, May 16, 2008 at 11:59:44AM +0200, Raphael Hertzog wrote: > >> Lucas has access to GRID-5000 and could generate the keys if someone > >> provides him the required information to do the task given that

Bug#481336: openssh-blacklist: provide blacklist for RSA 4096

2008-05-18 Thread Vincent Danjean
Colin Watson wrote: > On Fri, May 16, 2008 at 11:59:44AM +0200, Raphael Hertzog wrote: >> Lucas has access to GRID-5000 and could generate the keys if someone >> provides him the required information to do the task given that the >> nodes are amd64 (but he uses them as i386 by default with linux32

Bug#481336: openssh-blacklist: provide blacklist for RSA 4096

2008-05-16 Thread Colin Watson
On Fri, May 16, 2008 at 03:32:29AM -0700, Kees Cook wrote: > Certainly. In the interests of keeping the default-key blacklist > package small, how about calling the new lists -rsa512 and -rsa4096, > etc? How about openssh-blacklist-extra for everything other than defaults? -- Colin Watson

Bug#481336: openssh-blacklist: provide blacklist for RSA 4096

2008-05-16 Thread Kees Cook
On Fri, May 16, 2008 at 11:16:32AM +0100, Colin Watson wrote: > On Fri, May 16, 2008 at 11:59:44AM +0200, Raphael Hertzog wrote: > > On Thu, 15 May 2008, Jon Dowland wrote: > > > there's a tarball of 32bit/le rsa 4096 key pairs at > > > . > > >

Bug#481336: openssh-blacklist: provide blacklist for RSA 4096

2008-05-16 Thread Raphael Hertzog
On Thu, 15 May 2008, Jon Dowland wrote: > there's a tarball of 32bit/le rsa 4096 key pairs at > . > > I'm trying to build a blacklist for these keys*. It would be > nice if one was included in the package. Until those lists are complete (ie f

Bug#481336: openssh-blacklist: provide blacklist for RSA 4096

2008-05-16 Thread Colin Watson
On Fri, May 16, 2008 at 11:59:44AM +0200, Raphael Hertzog wrote: > On Thu, 15 May 2008, Jon Dowland wrote: > > there's a tarball of 32bit/le rsa 4096 key pairs at > > . > > > > I'm trying to build a blacklist for these keys*. It would be > > n

Bug#481336: openssh-blacklist: provide blacklist for RSA 4096

2008-05-15 Thread Jon Dowland
Sorry, I didn't see the discussion along these lines in the other bug at the time I wrote this one. On Thu, May 15, 2008 at 12:18:52PM +0100, Jon Dowland wrote: > also, the ssh-vulnkey(1) manpage > says lines must be 20 chars long and strip the first 12 > bytes, ye

Bug#481336: openssh-blacklist: provide blacklist for RSA 4096

2008-05-15 Thread Jon Dowland
Package: openssh-blacklist Version: 0.1.0 Severity: normal Hi folks, there's a tarball of 32bit/le rsa 4096 key pairs at . I'm trying to build a blacklist for these keys*. It would be nice if one was included in the package. [ * having some