[SLL] [Taclug-General] Fwd: [Dailydave] Debian OpenSSL Fun
Jesse Keating
jkeating at j2solutions.net
Wed May 14 15:01:31 PDT 2008
On Wed, 2008-05-14 at 14:48 -0700, Andrew Becherer wrote:
> Regarding the recent Debian OpenSSL flaw, "The blacklists published by
> Debian and Ubuntu demonstrate just how small the key space is. When
> creating a new OpenSSH key, there are only 32,767 possible outcomes
> for a given architecture, key size, and key type. The reason is that
> the only "random" data being used by the PRNG is the ID of the
> process." Ugh.
>
There is also a fair amount of speculation as to what happens if your
public key got forwarded through a Debian system running the flawed
openssl. A lot of opinions say that due to how DSA works on both ends,
any DSA private key may in fact be much more guessable having the public
side of it gone through a Debian system.

That said, any rogue ssh box can configure itself so that DSA is
completely guessable and make this happen. DSA keys should be avoided at
all costs and thrown away if they exist. It's just that due to Debian,
the number of hosts that could cause this to happen went up...
significantly.

If anybody is using DSA keys in the wild and may have at any point in
time bounced through a Debian box, I would highly recommend regenerating
them (and using something other than DSA). Even if you haven't,
dropping DSA is a good idea.
--
Jesse Keating RHCE (jkeating.livejournal.com)
Fedora Project (fedoraproject.org/wiki/JesseKeating)
GPG Public Key (geek.j2solutions.net/jkeating.j2solutions.pub)
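
One way to act on the advice in the message above, as an added example that is not part of the original post: a Python audit of an `authorized_keys` file that flags every DSA (`ssh-dss`) entry and any key whose MD5 fingerprint appears in a blacklist. The blacklist format (full hex MD5 fingerprints), the function names and the sample entries are assumptions constructed for illustration.

```python
import base64, binascii, hashlib, shlex, struct

def blob_type(b64):
    """Return (embedded key type, raw blob) for an SSH public key, else (None, b"")."""
    try:
        raw = base64.b64decode(b64, validate=True)
        (n,) = struct.unpack(">I", raw[:4])   # blob starts with a length-prefixed type name
        return raw[4:4 + n].decode("ascii"), raw
    except (binascii.Error, struct.error, UnicodeDecodeError):
        return None, b""

def audit(text, blacklist=frozenset()):
    """Return (line number, finding, detail) tuples for an authorized_keys file."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        try:
            tok = shlex.split(line)            # options may contain quoted spaces
        except ValueError:
            findings.append((lineno, "unparsed", "unbalanced quotes"))
            continue
        for kind, b64 in zip(tok, tok[1:]):    # key = first pair whose blob names its own type
            embedded, raw = blob_type(b64)
            if embedded == kind:
                break
        else:
            findings.append((lineno, "unparsed", "no key blob found"))
            continue
        fp = hashlib.md5(raw).hexdigest()      # legacy MD5 fingerprint, hex without colons
        if fp in blacklist:
            findings.append((lineno, "blacklisted", fp))
        if kind == "ssh-dss":                  # DSA: flag for replacement regardless of origin
            findings.append((lineno, "dsa", fp))
    return findings

# Constructed sample data: well-formed blobs with filler bytes, not real keys.
def _blob(kind, filler):
    return struct.pack(">I", len(kind)) + kind.encode() + filler
def _line(kind, filler, prefix=""):
    return f"{prefix}{kind} {base64.b64encode(_blob(kind, filler)).decode()} user@host"
SAMPLE = "\n".join([
    "# constructed entries",
    _line("ssh-rsa", b"\x01" * 32),
    _line("ssh-dss", b"\x02" * 32, prefix='command="rsync --server",no-pty '),
    _line("ssh-rsa", b"\x03" * 32),
])
BLACKLIST = {hashlib.md5(_blob("ssh-rsa", b"\x03" * 32)).hexdigest()}
```

Calling `audit(SAMPLE, BLACKLIST)` reports the DSA entry on line 3 and the blacklisted RSA entry on line 4; every flagged key should be removed and regenerated on a host with a sound PRNG.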