[unisog] FYI: Debian/Ubuntu SSL/SSH vulnerability, logging issues
Florian Weimer
fw at deneb.enyo.de
Fri May 23 13:21:02 GMT 2008
* Andrew Daviel:
> If you have a recent Debian or Ubuntu system, running the
> "etch" release (since September 2006), and have used it to generate an
> SSH key used for access on any system (i.e. done "ssh-keygen" and placed a key in
> .ssh/authorized_keys) :
You should do this even if you are in a supposedly Debian-free
environment. It seems as if it's pretty difficult to stop people from
using Debian. There have been quite a few surprises.
> There is a script "dowkd.pl" available from
> http://lists.debian.org/debian-security-announce/2008/msg00152.html
> This is worth running. You need go get a file from CPAN:
> cpan> install File::Temp
Uhm, File::Temp has been part of Perl for ages. Is there some sort of
error message if you don't do that?
More information about the unisog
mailing list