is CentOS 4 or 5 affected by the SSH RNG problem?

Lennart Sorensen lsorense-1wCw9BSqJbv44Nm34jS7GywD8/FfD2ys at public.gmane.org
Tue May 27 14:44:50 UTC 2008


On Tue, May 27, 2008 at 10:29:42AM -0400, Madison Kelly wrote:
> Title says it all. :)

It should not be, since it didn't have Debian's modification to openssl.
Centos is based on the redhat sources.

Of course any DSA key you may have on such a system may be compromised
if you ever connected to a system running Debian and someone snooped
your connection.  Very unlikely, but theoretically possible I suppose.

-- 
Len Sorensen
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list