On Thu, 2008-05-15 at 08:09 +0200, Norbert Preining wrote:
> On Do, 15 Mai 2008, Steinar H. Gunderson wrote:
> > No. Any key who had a single DSA signature created by the flawed version of
> > OpenSSL should be considered compromised. DSA requires a secret, random
>
> Does this extend to gpg keys
On Do, 15 Mai 2008, Steinar H. Gunderson wrote:
> No. Any key who had a single DSA signature created by the flawed version of
> OpenSSL should be considered compromised. DSA requires a secret, random
Does this extend to gpg keys and its signatures? That would make quite
an impact.
Best wishes
No
Apparently, Heimdal in Debian also is affected. I am not aware of any
solution other then to manually regenerate all keys.
Brian May
--- Begin Message ---
I strongly advise all readers of this list that use Debian or might have
users in your realm (or any realms for which cross-realm key exchan
Hi Kees, Jamie, DDs,
I am looking at hosts that are runing other linuxen that may have weak
keys now, or see those weak keys uploaded inadvertently in the future.
Is there a straightforward way to get hosts that are !(Debian|Ubuntu)
to use that blacklist? PermitBlacklistedKeys support in openssh-
Russ Allbery <[EMAIL PROTECTED]> writes:
> Steve Greenland <[EMAIL PROTECTED]> writes:
>> "brian m. carlson" <[EMAIL PROTECTED]> wrote:
>
>>> Therefore, anyone who had a DSA key has had it compromised...
>
>> Shouldn't that be "anyone who had a DSA key *created by the flawed
>> version of openssl
Ivan Jager <[EMAIL PROTECTED]> writes:
> On Wed, 14 May 2008, David Härdeman wrote:
>> If the entropy pool is properly coded, there is no negative effect of
>> adding data which may or may not be truly random to the pool (i.e. you
>> cannot degrade the quality of the pool no matter what you add).
On Thu, May 15, 2008 at 02:00:25AM +0200, Steinar H. Gunderson wrote:
On Wed, May 14, 2008 at 11:12:26PM +, brian m. carlson wrote:
If one can solve the Discrete Logarithm Problem, then one can
factor, but the reverse is not true.
This is the first time I've ever heard anyone claim this; I
Le May 14, 2008 09:41:02 am Lennart Sorensen, vous avez écrit :
> On Tue, May 13, 2008 at 10:32:07PM -0400, Filipus Klutiero wrote:
> > I don't follow you. iceweasel, for example, is not independent from, say,
> > libnspr.
>
> If they come from one source package, then they all build together. If
Steve Greenland <[EMAIL PROTECTED]> writes:
> "brian m. carlson" <[EMAIL PROTECTED]> wrote:
>> Therefore, anyone who had a DSA key has had it compromised...
> Shouldn't that be "anyone who had a DSA key *created by the flawed
> version of openssl* has had it compromised..."? Or are you asserting
On Wed, May 14, 2008 at 11:12:26PM +, brian m. carlson wrote:
> If one can solve the Discrete Logarithm Problem, then one can
> factor, but the reverse is not true.
This is the first time I've ever heard anyone claim this; I've seen people
and textbooks claim they're roughly equivalent, but no
On Wed, May 14, 2008 at 06:22:37PM -0500, Steve Greenland wrote:
>> Therefore, anyone who had a DSA key has had it compromised...
> Shouldn't that be "anyone who had a DSA key *created by the flawed
> version of openssl* has had it compromised..."? Or are you asserting
> something stronger?
No. An
On 14-May-08, 18:12 (CDT), "brian m. carlson" <[EMAIL PROTECTED]> wrote:
> Therefore, anyone who had a DSA key has had it compromised...
Shouldn't that be "anyone who had a DSA key *created by the flawed
version of openssl* has had it compromised..."? Or are you asserting
something stronger?
Ste
On Wed, May 14, 2008 at 11:12:26PM +, brian m. carlson wrote:
Also, DSA absolutely requires a good random
number generator for every signature. If the nonce is not chosen
randomly, it will leak bits of the key. This is true for all discrete
logarithm algorithms. Therefore, anyone who had a
On Wed, May 7, 2008 at 10:16 PM, Timothy G Abbott <[EMAIL PROTECTED]> wrote:
> That's probably a good plan, especially since the sandbox is apparently
> going to be eliminated eventually (and it sounds like arpack and delaunay
> are on the list of things likely to be merged into mainline scipy)
>
>
On Thu, May 15, 2008 at 08:09:12AM +1000, Ben Finney wrote:
Roland Mas <[EMAIL PROTECTED]> writes:
- Keys submitted through the web interface are now filtered, and only
RSA keys end up in your authorized_keys file. Don't even try
putting DSA keys in your authorized_keys2 file, the use of t
On Thu, May 15, 2008 at 08:09:12AM +1000, Ben Finney wrote:
> Could you explain the rationale for this? My impression was that DSA
> was recommended over RSA.
DSA was recommended over RSA in years gone by for reasons of
freedom, until late 2000 when MIT's 17-year US patent (4405829)
expired on the
You can make packages to do configuration, but there are tricky issues
involved in making sure that the right thing happens when the packages
you're configuring are upgraded.
At MIT, we wrote a system of CDBS modules that automates a lot of the work
involved in making configuration packages.
Roland Mas <[EMAIL PROTECTED]> writes:
> - Keys submitted through the web interface are now filtered, and only
> RSA keys end up in your authorized_keys file. Don't even try
> putting DSA keys in your authorized_keys2 file, the use of that file
> has been disabled (and it'll be deleted anyw
On Wed, May 14, 2008 at 03:33:52PM -0400, Ivan Jager wrote:
> I think that might depend on how not truly random the data is. For
> example, suppose the pool is coded to simply xor the new entropy with the
> pool.
It's not -- it's hashed in using a cryptographic hash function.
/* Steinar */
--
On Wed, 14 May 2008, David Härdeman wrote:
If the entropy pool is properly coded, there is no negative effect of
adding data which may or may not be truly random to the pool (i.e. you
cannot degrade the quality of the pool no matter what you add). Therefore
step b) might add some entropy or it mi
On Wed, 2008-05-14 at 19:50 +0200, Luk Claes wrote:
> Osamu Aoki wrote:
> > Hi,
> >
> > Recent openssl issue lead me to http://db.debian.org/password.html and
> > made me wonder why script example uses DSA key while main text only
> > talks about RSA key.
>
> The text talks about RSA keys as they
Osamu Aoki wrote:
> Hi,
>
> Recent openssl issue lead me to http://db.debian.org/password.html and
> made me wonder why script example uses DSA key while main text only
> talks about RSA key.
The text talks about RSA keys as they are preferred over DSA keys.
> | Alternatively, you can do without
Yes, I realize there is not much time left. I'm also quite busy for the
next week or two, after which point I should have time to work on this
again. The precise release timeline is very helpful.
I won't be able to reasonably maintain this much software in Debian in the
long term, but I will
Hi,
Recent openssl issue lead me to http://db.debian.org/password.html and
made me wonder why script example uses DSA key while main text only
talks about RSA key.
| Alternatively, you can do without a password and use PGP to manipulate your
| LDAP information through the mail gateway and use SSH
On Tue, May 13, 2008 at 10:32:07PM -0400, Filipus Klutiero wrote:
> I don't follow you. iceweasel, for example, is not independent from, say,
> libnspr.
If they come from one source package, then they all build together. If
they do not, then it's a dynamicly linked library and each can be built
On Wed, May 14, 2008 10:21, BALLABIO GERARDO wrote:
> Peter Palfrader wrote:
>> Due to the weakness in our openssl's random number generator (see the
>> Debian Security Advisory #1571 from a few minutes ago[1]) that affects
>> among other things ssh keys we have disabled public key auth on all
>> p
BALLABIO GERARDO <[EMAIL PROTECTED]> writes:
> if I understand correctly, the problem was that openssl used some
> segment of uninitialized memory as a source of entropy, and the
> offending patch cleared it.
This is not correct. Clearing tmpbuf before reading /dev/urandom is
harmless. The broke
On Tue, May 13, 2008 at 10:51:37PM -0400, Joey Hess wrote:
> It would be nice to have a list which Recommends are ignored/overridden
> the most when installing packages, to identify Recommends that need to be
> downgraded to Suggests. Could we derive such a list from popcon data? I
> think it woul
On Wed May 14, 2008 at 10:21:18 +0200, BALLABIO GERARDO wrote:
> If so, and if that was the ONLY entropy source used in generating keys,
> then upstream openssl is (and has always been) just as broken as the
> patched Debian package.
It wasn't.
Steve
--
Debian GNU/Linux System Administration
2008/5/14 BALLABIO GERARDO <[EMAIL PROTECTED]>:
> However I wonder, is the pristine behavior correct? As far as I know, it
> is NOT justified at all to rely on the assumption that uninitialized
> memory contains random data. I read that many architectures reset it to
> some magic number, e.g.,
Peter Palfrader wrote:
> Due to the weakness in our openssl's random number generator (see the
> Debian Security Advisory #1571 from a few minutes ago[1]) that affects
> among other things ssh keys we have disabled public key auth on all
> project systems until further notice.
Hi all,
if I underst
31 matches
Mail list logo
