* Bodo Moeller:
>> BTW, it appears that the same blacklist can be used for -3 and -F4 keys.
>> (Just in case you haven't checked that already.)
>
> A more elaborate explanation seems in place to make sure that
> we avoid uninentionally incomplete blacklists.
Thanks, I've added a warning if an e !
On Wed, 21 May 2008, Jamie Strandboge wrote:
> > I discovered that there is also 3rd key which you get if you pass empty
> > file by -rand. Keys created in this way are still the same so it's
> > another possible compromised key. I'm not sure if it worth spend time on
> > counting this keys.
On Wed, 21 May 2008, Jan Tomasek wrote:
> Jamie Strandboge wrote:
>>> I discovered that there is also 3rd key which you get if you pass
>>> empty file by -rand. Keys created in this way are still the same so
>>> it's another possible compromised key. I'm not sure if it worth
>>> spend time on
Jamie Strandboge wrote:
I discovered that there is also 3rd key which you get if you pass empty
file by -rand. Keys created in this way are still the same so it's
another possible compromised key. I'm not sure if it worth spend time on
counting this keys...
Empty files vs non-existent res
On Mon, 19 May 2008, Jan Tomasek wrote:
> Kees Cook wrote:
>>> The rule is simple. When the ~/.rnd file doesn't exist I get one key
>>> and in other situation I get another (that listed in Ubuntu
>>> openssl-blacklist) key. Because of this problem openssl-blacklist has
>>> to be twice big t
On Wed, May 21, 2008 at 2:46 PM, Dirk-Willem van Gulik
<[EMAIL PROTECTED]> wrote:
> On May 21, 2008, at 12:06 PM, Bodo Moeller wrote:
>> A more elaborate explanation seems in place to make sure that
>> we avoid uninentionally incomplete blacklists.
>> I'd expect there to be some significant overl
On Monday 19 May 2008, Florian Weimer wrote:
> BTW, it appears that the same blacklist can be used for -3 and -F4
> keys. (Just in case you haven't checked that already.)
RSA keys with exponent 3 should probably not be used at all, because
multiple implementations did not verify the signatures co
On May 21, 2008, at 12:06 PM, Bodo Moeller wrote:
A more elaborate explanation seems in place to make sure that
we avoid uninentionally incomplete blacklists.
..
I'd expect there to be some significant overlapping between the
blacklists, but these should still be different lists: Many RSA mo
On Mon, May 19, 2008 at 02:17:42PM +0200, Florian Weimer wrote:
> * Kees Cook:
>>> The rule is simple. When the ~/.rnd file doesn't exist I get one key and
>>> in other situation I get another (that listed in Ubuntu
>>> openssl-blacklist) key. Because of this problem openssl-blacklist has to
On May 19, 2008, at 9:52 PM, Jan Tomasek wrote:
I do not trust dowkd.pl script because
it lacks info where keys were taken.
...
We did not want to publish this information in order to give system.
Do bear in mind that the public key consists of 1) the modulus and 2)
the public (or encry
* Jan Tomasek:
> This is good argument. When I was trying to secure my systems from
> weak SSH keys. I decided to use ssh-vulnkey and build blacklists by
> myself from work of H D Moore. I do not trust dowkd.pl script because
> it lacks info where keys were taken.
We did not want to publish this
Dirk-Willem van Gulik wrote:
On May 19, 2008, at 3:15 PM, Florian Weimer wrote:
* Dirk-Willem van Gulik:
Working with the original and some indication as to what pid,
platform, keylen endianness, and .rnd, is useful - as that way it is
possible to understand, reconstruct, spotcheck or verify
On May 19, 2008, at 3:15 PM, Florian Weimer wrote:
* Dirk-Willem van Gulik:
Working with the original and some indication as to what pid,
platform, keylen endianness, and .rnd, is useful - as that way it is
possible to understand, reconstruct, spotcheck or verify in-situ -
rather than having
* Dirk-Willem van Gulik:
> Working with the original and some indication as to what pid,
> platform, keylen endianness, and .rnd, is useful - as that way it is
> possible to understand, reconstruct, spotcheck or verify in-situ -
> rather than having to build trust without easy verify.
It's also
On May 19, 2008, at 2:54 PM, Florian Weimer wrote:
* Dirk-Willem van Gulik:
One way to do this a bit more careful may be by comparing the actual
data itself. OpenSSL will output this with the modulus flag:
openssl genrsa 1024 | openssl rsa -noout -modulus
Yes, that's what dowkd is
On Mon, May 19, 2008 at 02:24:01PM +0200, Jan Tomasek wrote:
> What is your 3rd architecture? On Ubuntu pages I see only PC (Intel x86)
> desktop CD and 64-bit PC (AMD64) desktop CD?
Sparc and PowerPC are big-endian with a 32-bit userspace. These exist
in Debian currently, and existed in Ubuntu
* Dirk-Willem van Gulik:
> One way to do this a bit more careful may be by comparing the actual
> data itself. OpenSSL will output this with the modulus flag:
>
> openssl genrsa 1024 | openssl rsa -noout -modulus
Yes, that's what dowkd is doing (albeit with a somewhat suboptimal
algorithm;
On May 19, 2008, at 2:17 PM, Florian Weimer wrote:
The rule is simple. When the ~/.rnd file doesn't exist I get one
key and
in other situation I get another (that listed in Ubuntu
openssl-blacklist) key. Because of this problem openssl-blacklist
has to
be twice big than openssh-blacklist. I
Kees Cook wrote:
The rule is simple. When the ~/.rnd file doesn't exist I get one key and
in other situation I get another (that listed in Ubuntu
openssl-blacklist) key. Because of this problem openssl-blacklist has to
be twice big than openssh-blacklist. I developed simple shell scripts to
* Kees Cook:
>> The rule is simple. When the ~/.rnd file doesn't exist I get one key and
>> in other situation I get another (that listed in Ubuntu
>> openssl-blacklist) key. Because of this problem openssl-blacklist has to
>> be twice big than openssh-blacklist. I developed simple shell scr
On Mon, May 19, 2008 at 01:09:25AM +0200, Jan Tomasek wrote:
> My colleague developed script for converting X509 certificates to SSH
> key hash. It was strange when we realized that none of issued
> certificates matched. It is because OpenSSH and OpenSSL blacklist are
> not compatible. OpenSS
Hello,
When this OpenSSL bug was announced our main interest at CESNET was to
warn users of our CA. We were thinking about using of keys published by
H D Moore at the page
http://metasploit.com/users/hdm/tools/debian-openssl/
My colleague developed script for converting X509 certificates to
22 matches
Mail list logo
