Weak host-keys are not replaced during openssh update

Mario Vukelic mario.vukelic at dantian.org
Tue May 13 19:08:18 UTC 2008


On Tue, 2008-05-13 at 20:49 +0200, Mario Vukelic wrote:
> Maybe this: <snip>

Um, probably not. 

Upon reflection I think that the upgrade does not replace any keys at
all. You need to do that yourself. At least that#s what the Debian
announcement says:

"It is strongly recommended that all cryptographic key material which
has been generated by OpenSSL versions starting with 0.9.8c-1 on Debian
systems is recreated from scratch."

http://article.gmane.org/gmane.linux.debian.security.announce/1614





More information about the ubuntu-users mailing list