is CentOS 4 or 5 affected by the SSH RNG problem?

Madison Kelly linux-5ZoueyuiTZhBDgjK7y7TUQ at public.gmane.org
Tue May 27 15:01:56 UTC 2008


Lennart Sorensen wrote:
> On Tue, May 27, 2008 at 10:29:42AM -0400, Madison Kelly wrote:
>> Title says it all. :)
> 
> It should not be, since it didn't have Debian's modification to openssl.
> Centos is based on the redhat sources.
> 
> Of course any DSA key you may have on such a system may be compromised
> if you ever connected to a system running Debian and someone snooped
> your connection.  Very unlikely, but theoretically possible I suppose.
> 

I didn't think it was, but thanks for the extra confirmation. :)

Madi
--
The Toronto Linux Users Group.      Meetings: http://gtalug.org/
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://gtalug.org/wiki/Mailing_lists





More information about the Legacy mailing list