[124218] in cryptography@c2.net mail archive

home help back first fref pref prev next nref lref last post

blacklisting the bad ssh keys?

daemon@ATHENA.MIT.EDU (Steven M. Bellovin)
Thu May 22 12:33:55 2008

Date: Wed, 14 May 2008 19:52:58 -0400
From: "Steven M. Bellovin" <smb@cs.columbia.edu>
To: cryptography@metzdowd.com

Given the published list of bad ssh keys due to the Debian mistake (see
http://metasploit.com/users/hdm/tools/debian-openssl/), should sshd be
updated to contain a blacklist of those keys?  I suspect that a Bloom
filter would be quite compact and efficient.


		--Steve Bellovin, http://www.cs.columbia.edu/~smb

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com

home help back first fref pref prev next nref lref last post