reset ssh keys, even if only a public key in fedora?
Jon Ciesla
limb at jcomserv.net
Tue Aug 19 15:40:59 UTC 2008
> Hi.
>
> On Tue, 19 Aug 2008 11:32:14 -0400, Simo Sorce wrote:
>
>> DSA keys can be compromised if the server you connect to is
>> compromised. See discussions about the recent openssl debacle for
>> debian.
>
> Which kind of invalidates the whole "public key" concept, doesn't it?
:) Yup.
> Not wanting to start a new discussion about this, but the fact that
> (some) debian-created keys were weak (and thus crackable) wasn't the
> servers fault, but the fault of the client that generated the key in
> the first place (unless I'm getting something seriously wrong).
Correct. It was also server keys, but that wouldn't compromise your own
client key, just the security of the server's key. To crack the
encryption, you still need wither the private key or a lot of time and PCU
cycles. The debian issue simply reduced the number of CPU cycles.
> --
> fedora-devel-list mailing list
> fedora-devel-list at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-devel-list
>
--
novus ordo absurdum
More information about the fedora-devel-list
mailing list