OpenSSH and OpenSSL
I been hearing some conflicting information about the OpenSSL issue as of late. So I thought I would ask here on the slackware forum.
My question is I heard that if you had a vulnerable openssl installed at the time you generated your openssh keys your keys would be vulnerable. And that you should regenerate them. Others have said that openssh does not use openssl. So my question is what is the low down, are my logins still vulnerable on the servers that I have my keys on?
My setup is Slackware 14.1 (I have, as of today, updated both the openssl and openssh packages) I have disabled all password logins to all computers I control (along with turning off root login via ssh)
|