If generating a legacy certificate using the "-t" option, a vulnerability could be exploited by attackers to gain knowledge of sensitive information. If legacy certificates have been issued using OpenSSH version 5.6/5.7, consider rotating any CA key used. OpenSSH recommend upgrading to version 5.8 available here or apply this patch. [1] http://www.openssh.com/txt/legacy-cert.adv ----------- Guy Bruneau IPSS Inc. gbruneau at isc dot sans dot edu |
Guy 523 Posts ISC Handler Feb 5th 2011 |
Thread locked Subscribe |
Feb 5th 2011 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!