[Tfug] Debian SSH vulnerability

Angus Scott-Fleming angussf at geoapps.com
Thu May 15 07:24:08 MST 2008 

On 14 May 2008 at 18:40, Tom Rini  wrote:

> None of this is to say that if you have vulnerable keys you shouldn't go
> and regenerate 'em.

FWIW discussion on SANS here:

------- Included Stuff Follows -------
Debian and Ubuntu users: fix your keys/certificates NOW
  Published: 2008-05-15,
  Last Updated: 2008-05-15 12:02:47 UTC
  by Bojan Zdrnja (Version: 2)
  0 comment(s)

    Couple of days ago Swa posted a diary about a critical Debian/Ubuntu PRNG 
    security vulnerability.

    Today Matt wrote in to let us know that H D Moore posted a web page 
    containing all SSH 1024, 2048 and 4096-bit RSA keys he brute forced.

    It is obvious that this is highly critical - if you are running a Debian 
    or Ubuntu system, and you are using keys for SSH authentication 
    (ironically, that's something we've been recommending for a long time), 
    and those keys were generated between September 2006 and May 13th 2008 
    then you are vulnerable. In other words, those secure systems can be very 
    easily brute forced. What's even worse, H D Moore said that he will soon 
    release  a brute force tool that will allow an attacker easy access to any 
    SSH account that uses public key authentication.

    But this is not all - keep in mind that ANY cryptographic material created 
    on vulnerable systems can be compromised. If you generated SSL keys on 
    such Debian or Ubuntu systems, you will have to recreate the certificates 
    and get them signed again. An attacker can even decrypt old SSH sessions 
    now.

    The Debian project guys released a tool that can detect weak keys (it is 
    not 100% correct though as the blacklist in the tool can be incomplete). 
    You can download the tool from 
    http://security.debian.org/project/extra/dowkd/dowkd.pl.gz.
        The bottom line is: this is very, very, very serious and scary. Please 
    check your systems and make sure that you are both patched, and that you 
    regenerated any potentially weak cryptographic material.
--------- Included Stuff Ends ---------
Continues here, with links: http://isc.sans.org/diary.html?storyid=4420


--
Angus Scott-Fleming
GeoApps, Tucson, Arizona
1-520-290-5038
+-----------------------------------+

More information about the tfug mailing list