[495] in linux-security and linux-alert archive
EMERGENCY LINUX SECURITY FAQ UPDATE: PGP KEY COMPROMISE
daemon@ATHENA.MIT.EDU (Alexander O. Yuriev)
Sat Dec 2 17:41:12 1995
Date: Wed, 29 Nov 1995 21:56:32 -0500 (EST)
From: "Alexander O. Yuriev" <alex@bach.cis.temple.edu>
To: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
cc: okir@monad.swb.de, millner@millner.bevc.blacksburg.va.us, mmead@glock.com,
panzer@dhp.com, gert@greenie.muc.de, ley@cert.dfn.de,
wirzeniu@cs.helsinki.fi, marekm@i17linuxa.ists.pwr.wroc.pl,
aleph1@underground.org, cert@cert.org, Peter.Anvin@linux.org,
ndf@aleph1.mit.edu, pmurphy@nrao.edu, rgooch@atnf.csiro.au,
Linux Announce Submit <linux-announce@stc06.ctd.ornl.gov>,
big-linux-mailing-list <big-linux@netspace.org>,
Vladimir <vladimir@rosnet.rosmail.com>,
Russ DeFlavia <russ@tarkus.ocis.temple.edu>,
Matt Bishop <bishop@cs.ucdavis.edu>,
Linux Security Mailing List <linux-security@tarsier.cv.nrao.edu>,
linux-alert@tarsier.cv.nrao.edu, Marc Ewing <marc@redhat.com>,
Ron Holt <ron@caldera.com>,
Roman Gollent <roman@PORTAL.STWING.UPENN.EDU>,
cpage@pandora.resnet.upenn.edu
In-Reply-To: <199511300147.UAA01344@tarsier.cv.nrao.edu>
Reply-To: linux-security@tarsier.cv.nrao.edu
-----BEGIN PGP SIGNED MESSAGE-----
ONE OF LINUX SECURITY FAQ PGP KEYS HAD BEEN COMPROMISED.
EMERGENCY LINUX SECURITY FAQ UPDATE
22:13:07 EST
Copyright (C) 1995 Alexander O. Yuriev (alex@bach.cis.temple.edu)
CIS Laboratories
TEMPLE UNIVERSITY
U.S.A.
=============================================================================
This is an official update of the Linux security FAQ, and it is supposed to
be signed by one of the following PGP keys:
1024/EFE347AD 1995/02/17 Olaf Kirch <okir@monad.swb.de>
1024/ADF3EE95 1995/06/08 Linux Security FAQ Primary Key <Alexander O. Yuriev>
Unless you are able to verify at least one of signatures, please be very
careful when following instructions.
Linux Security WWW: http://bach.cis.temple.edu/pub/linux/linux-security
=============================================================================
Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>, co-moderator of
linux-security and linux-alert mailing lists had issued a key
revocation certificate for the the PGP key
pub 1024/544C7805 1994/07/17
which could be used to sign Linux Security FAQ Updates or other
security related information.
From Nov 29, 1995 21:22:07 EST everything signed or encrypted
using this key is considered to be compromised. Please notify
Alexander O. Yuriev <alex@bach.cis.temple.edu>, Olaf Kirch
<okir@monad.swb.de> using PGP encrypted email if you receive
compromised information. The PGP public keys of people involved
in Linux security will be available from the following URL:
ftp://bach.cis.temple.edu/pub/Linux/Security/PGP-KEYS.pgp
When Jeff Uphoff's new key will be available, it will be added to
the the PGP-KEYS.pgp. Please avoid emailing sensitive information
to Jeff Uphoff in the non-encrypted form.
As the result of the attack NRAO is not directly connected to
Internet. We are working on creating an emergency replacement archive
for linux-security and linux-alert mailing lists, as well as a
backup system to handle the mailing list while NRAO is being cleaned.
The following is the extract from message sent by Jeff Uphoff:
****************************************************************************
- From juphoff@tarsier.cv.nrao.eduWed Nov 29 21:06:25 1995
Date: Wed, 29 Nov 1995 20:47:01 -0500
From: Jeff Uphoff <juphoff@tarsier.cv.nrao.edu>
To: alex%bach.cis.temple.edu@nrao.edu
Subject: PGP key compromise.
[I'm sending this to the people on my key-ring, i.e. those with which I
occasionally or frequently exchange PGP encrypted e-mail.]
Both my PGP key-ring (possible) and my pass-phrase (definite) have been
compromised. Attached to this message is a key-revocation certificate.
Please pass it on to as many people as you can think of that might have
my current key. I cannot sign this message with a recognizable key now,
but the block speaks for itself once you feed it through PGP.
Robert Millner <millner@millner.bevc.blacksburg.va.us> can verify the
compromise by telephone at 540-961-4321, as can I at 804-296-0208.
Details of the compromise will be released later to those interested
parties that have not been following this particular series of events.
(The U.S. FBI is now involved.) NRAO headquarters is no longer
interactively reachable from the Internet, though we are exchanging
e-mail as long as we can safely maintain the link.
- -----BEGIN PGP PUBLIC KEY BLOCK-----
Version: 2.6.2
mQCNAi4pfSsAAAEEAORGNqXZcyNyOiX90Da8pGpNRs1dYPOc+m8MUfxwXWDEPo7J
6MMVZMhKccFeCvGBaVaM8xJ3RrmbQVpVzJlr+FT1UHIvUHNKbWt882HqPOT/Zj6n
Zuegs28W9fPdsn4Zpkh52EjPuaMaVGfEe2/J3OhusscFn4CRMbxzFUpUTHgFAAUR
iQCVAwUgML0F2bxzFUpUTHgFAQFr/QP/WdLFrOdE59joeUrfMJdx//9raITsngFY
NOHfrqNKIpNxT/pgJKZfYdLEk7YewaLUvEqjtgWMScU3TWfppbZzffrwh1KekMmW
zhEU78O86NEa3Jl2vBgLnK3UrFSBB38ksjNrqSUu+G5QDoyur2iiF/sMa9S+c+ba
ep+fqSkBUBi0JEplZmZyZXkgQS4gVXBob2ZmIDxqdXBob2ZmQG5yYW8uZWR1PokA
lQMFEDC7GdGMRVM9rfPulQEBCt4D/jaE8QHrMtla0pdV1J2NSN9P0QPWyWalTe5P
oENffVpvykTCuiOD9yb6Jy4sHPhmBsEgrXpU4OKWH9T9DWDEFI0UIoLo7IvO8kJ8
cwPB8fayXhslOA4Un/8fx3iDxOR8uFJxdr1F8Ga0q6XGfsQ2Ou07oBK3z8oqr5Wx
soZbTj6MiQCVAwUQMLsY850afeTWLUSJAQET6AP+M/Ap8MzXwzD1BZ6rVU4TO5zN
Rxgqw+7lhVX+BKhR2GAbh5/htqTiZAsD2vSBJakGT7esk4dUaGQCPUCm/n/3rqm6
PWX/dDKEtzAEebCHcD+qRyOQFmKAW5BUPHWW1lmt6xn/kSIPq7XHjz6B43RZWGsB
hQ9EIZUCNZIxo+ZLXzCJAJUCBRAvRxH14WdUde/jR60BATZhBADQCYztGmrnTFYQ
hual0Vf0Q26D7+bnYWU4mS1RzfQcd5OME1RBwN5wMcSZop9FNXqYnDI5Rz+3kH5l
KmaW7dPCJiqPu17EBJ+a12pwhJyqoMSXwIOejYHzb3gGt+xDmL/WtiozVwXSLW1N
At03Cx6h3HaWe/y3lGsrJk6YtdMcqYkAlQMFEC6lcClqKWzjEbfWeQEBpmsD/RGv
bsFfjw7yVJWeyk1YwtoAlbeHvPX7+Rk+sgZXM8Zv9Kb4iKn5nYMkpnQlskLLVclW
3sYcvD81dhJgTirAykekeNsX/Ut5gR8zC9e/eAr2VtfzzqmdMazLmB+V/6B5TQ+Q
SCsenf9z1oVWxsRxPfgITH3gGoR3ic4pAL8ECMb9iQCVAwUQLo3C0mGddyp8Ve4F
AQGBTwQAxnEi1udeO193kNqBGk2rgZZUmzpW4iR8FpHcAkvXZIrkph2mPsb6nE1J
1Z3LTMgu1RvJAiXmiCDbvLGd0mMIuZpYDmbwigXwF3FWJ3vcnCeZJdMIotFzLpjJ
3XFpiL3qxW0SsD18i6FOKlXSwFWjRwLhKu15y0NFbvgtjnGU/NyJAJUCBRAuQQdf
QJYyJ+SHEeUBASUkA/9oVOSU22auv5UwdBCUIH6xJawjv5rq8OjfAmmKPgMYQW/G
UE49Q0OG3EWy9X27VBJNVY9UJI45Tabr71ilxHq6GDrkky0CS1yXk/b3kw4i/slI
fvwhcOJFIgvKfyW3Z/pfkdEcCaifPazt2r4styS0Q6EZjmEJVUo5UcIgn9UA3okA
lQIFEC4qwqC8cxVKVEx4BQEB13ED/1+LS4AuKZLW2jud4mrEPbHeW5VZ90bjQDWK
5TD0Bb2q6IzEUwH2E75i0TnTXhZKjKtro96q7EW6qoFpvZQ0d0a2o5ydAyb8SERW
ZzaNhFCWS6+I0BpW9nG2X/YfUESoHUzITa2KGjEaZyUa1Qn2Px+iy//FET61imy8
R6HzvW6TiQCVAgUQLiq/EJ7VmOXAmG3tAQH/dgP+P0MiEdfjdwGG3grzSeGxQVT1
0ZGKwxUW8MnekblHqAeTXq9gzOtiLho7zrJrFFwHbcc9zL6ZzzVEcHrZM9lcR3Ey
ZvtyYtmnvJIl/kIh2Yr/l5H0sXImw2Ik31or4kNHpOtf0HYaieUIwW/GuV7S0LV4
2FRkPiXD9SXwxYDfeGi0KUplZmZyZXkgQS4gVXBob2ZmIDxqZWZmLnVwaG9mZkBs
aW51eC5vcmc+
=SL0I
- -----END PGP PUBLIC KEY BLOCK-----
*****************************************************************
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBML0bT4xFUz2t8+6VAQHFBgP+Pf19mAJhh0zM8OhctpN4NyewjjHlhj9b
kbVpbOwTpVGWqMEKTNCj6qP+Wl9cbp910WAOxsWrLN6G1u35tBQ95SWjKz8bhLup
D/U3VMyc1TNgsYwRoQhjMVkl3g9+mzpXIyqmVGUANLPVtTbxBe3lJlyXpvBU8iwd
VnG4+bF31EU=
=tYmz
-----END PGP SIGNATURE-----
============================================================================
Alexander O. Yuriev Email: alex@bach.cis.temple.edu
CIS Labs, TEMPLE UNIVERSITY WWW: http://bach.cis.temple.edu/personal/alex
Philadelphia, PA, USA
KeyID: 1024/D62D4489 Key Fingerprint: AE84534377CCC4E2 37B13C4D8CD3D501
Unless otherwise stated, everything above is my personal opinion and not an
opinion of any organisation affiliated with me.
=============================================================================
