https://bugzilla.novell.com/show_bug.cgi?id=393186
User meissner@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=393186#c15
--- Comment #15 from Marcus Meissner
Also, aren't protocol 1 keys 1024-bit RSA only, even with the latest ssh-keygen?
Then, is it just one set of vulnerable 1024-bit RSA keys for both protocols - or is it two sets?
Yes -- in the tests I did, RSA1 and RSA keys shared the same modulus, so RSA1 is covered by the same blacklists. RSA1024 is in the openssh-blacklist-extra binary package in debian. As for other corner-cases, DSA2048 weren't generate-able[1] with a broken version of ssh-keygen, so I've been considering publishing an _empty_ DSA2048 blacklist, just so that ssh-vulnkey will report DSA2048 as "safe" instead of "unknown". -Kees [1] dsa was forced to be 1024 for a while now: $ ssh-keygen -f /tmp/foo -t dsa -b 2048 DSA keys must be 1024 bits -- Kees Cook @outflux.net -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.