[clug] Debian + SSL security issue
Peter Barker
pbarker at barker.dropbear.id.au
Wed May 14 04:27:10 GMT 2008
On Wed, 14 May 2008, Andrew wrote:
> For those who saw the announcement -
> http://lists.debian.org/debian-security-announce/2008/msg00152.html
>
> Does anyone have any further indication of how severe this is? It would mean
> lots of re-keying for me (nearly 100 boxen all up) :( The updates don't
> bother me, as I do them anyhow...
It looks very, very bad.

Apparently (and you're getting this about 4th-hand now ;), the end result
of Debian's futzing is that only about 260,000 unique private keys would
ever be generated.

So an attacker could generate all of those and try them one-by-one against
your server. Or, if I were him, take one of the keys and try it against
each of 260,000 boxes that has been previously scanned and is known to be
running ssh...

I haven't fully digested the information available. Particularly the
implications of the session information also using the same
not-very-well-seeded prng.

Apparently there's also an interesting gotcha suffered by (at least)
Ubuntu. Apparently the upgrade to the package will cause compromised keys
to no longer be available for use for user authentication. If you upgrade
the package and log out of a machine which you ONLY have access to through
a "bad" key, then you will be locked out of that machine....

I suggest the first step is to run their analysis tool *everywhere*.
> Andrew Donehue
Yours,
--
Peter Barker | Programmer,Sysadmin,Geek.
pbarker at barker.dropbear.id.au | You need a bigger hammer.
:: It's a hack! Expect underscores! - Nigel Williams
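
An added illustration (not part of the original post, and not Debian's analysis tool) of why a small seed space makes every affected key enumerable into a blocklist, and of the pre-upgrade check for the lockout case described above. The key generator, fingerprint format, 15-bit seed range, key-type labels and host entries are toy assumptions constructed for the example.

```python
import hashlib

# Assumption: a toy 15-bit seed range stands in for the weak PRNG seed.
SEED_SPACE = 2 ** 15
KEY_TYPES = ("rsa-2048", "dsa-1024")  # constructed labels

def toy_keygen(seed, key_type):
    """Toy 'public key' whose only entropy is the seed (not real crypto)."""
    return hashlib.sha256(f"{key_type}:{seed}".encode()).digest()

def fingerprint(pub):
    """Short fingerprint used for blocklist lookups (hypothetical format)."""
    return hashlib.sha256(pub).hexdigest()[:20]

def build_blocklist(key_types=KEY_TYPES):
    """Enumerate every key the weak generator can ever produce."""
    return {fingerprint(toy_keygen(s, t))
            for t in key_types for s in range(SEED_SPACE)}

def audit(authorized, blocklist):
    """Split (comment, pubkey) entries into weak and usable comments."""
    weak = [c for c, pub in authorized if fingerprint(pub) in blocklist]
    ok = [c for c, pub in authorized if fingerprint(pub) not in blocklist]
    return weak, ok

def lockout_risk(authorized, blocklist):
    """True when every key granting access would be rejected after the upgrade."""
    weak, ok = audit(authorized, blocklist)
    return bool(weak) and not ok

# Constructed sample hosts: one has a fallback key, one does not.
STRONG = hashlib.sha256(b"constructed key from a healthy PRNG").digest()
HOSTS = {
    "web01": [("admin@laptop", toy_keygen(4242, "rsa-2048")),
              ("backup@vault", STRONG)],
    "db01": [("admin@laptop", toy_keygen(4242, "rsa-2048"))],
}

def report(hosts=HOSTS):
    """Per-host status: rekey first if only weak keys grant access."""
    bl = build_blocklist()
    return {h: ("REKEY BEFORE UPGRADE" if lockout_risk(keys, bl)
                else "weak keys: " + ",".join(audit(keys, bl)[0]))
            for h, keys in hosts.items()}

if __name__ == "__main__":
    for host, status in report().items():
        print(host, "->", status)
```

The same key flagged on both hosts shows why one weak user key matters fleet-wide: hosts with a second, healthy key can be upgraded first, while hosts reachable only through the weak key need a new key installed before the package update.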