[SAC] Find and fix weak OpenSSL/OpenSSH keys
Markus Neteler
neteler at osgeo.org
Tue Jun 3 05:47:09 EDT 2008
Hi SAC,
you will now about the OpenSSL/OpenSSH keys weakness under certain
circumstances.
There is a test script available, which should be executed on the
osgeo machines.
See for example
http://blogs.techrepublic.com.com/opensource/?p=210
or
http://wiki.debian.org/SSLkeys#head-45e521140d6b8f2a0f96a115a5fc616c4f1baf0b
I have run it already on one some of my machines (several weak keys found and
eliminated) and grass.osgeo.org (one user key identified, user is
notified that his machine
is at risk).
Best,
Markus
More information about the Sac
mailing list