[Python-Dev] heads up on svn.python.org ssh keys - debian/ubuntu users may need new ones
Guilherme Polo
ggpolo at gmail.com
Tue May 13 20:45:02 CEST 2008
2008/5/13 Gregory P. Smith <greg at krypto.org>:
> Heads up.
>
> Debian screwed up. As a result all ssh and ssl keys generated in the
> last 18 months on debian and ubuntu systems may be compromised due to
> not using a good random number generator seed.
> http://lists.debian.org/debian-security-announce/2008/msg00152.html
> and http://www.links.org/?p=327
>
> If you generated your python subversion ssh key during this time on a
> machine fitting the description above, please consider replacing your
> keys.
>
> apt-get update ; apt-get upgrade on debian will provide you with a
> ssh-vulnkey program that can be used to test if your ssh keys are
> valid or not.
>
Thanks for pointing it out Gregory.
ssh-vulnkey says most of my keys are compromised, including the one
used for python's svn.
> -gps
> _______________________________________________
> Python-Dev mailing list
> Python-Dev at python.org
> http://mail.python.org/mailman/listinfo/python-dev
> Unsubscribe: http://mail.python.org/mailman/options/python-dev/ggpolo%40gmail.com
>
--
-- Guilherme H. Polo Goncalves
More information about the Python-Dev
mailing list