> In comp.security.ssh Ignoramus17861 wrote:
>| In regards to this giant fuckup:
>|
>| http://www.ubuntu.com/usn/usn-612-2
>|
>| What exactly is the impact of this vulnerability?
>|
>| 1) Does it let a attacker, who has listening ability on a local
>| network, to intercept keys? (ie reduce security of SSH to that of telnet)
>
> The private keys themselves are not sent. The cipher key for the session is.
> But I don't know if that key can be reproduced from a session playback once
> the blackhat has guessed the authentication key.

>
>| 2) Does it allow an attacker, who does NOT have a listening ability,
>| to log on to remote machines using known weak keys? (ie brute force a
>| fully remote machine)
>
> Based on what I read, it is the authentication key that may be
> weak.

> You have a fair chance of having generated a weak authentication
> key. If so, the blackhat has a fair chance of guessing what that
> key is, and pretending to be you to access hosts.

>
>| Just what is the extent of this sad story?
>|
>| As I use ssh and keys a lot, this means that I had to spend a lot of
>| time fixing all the trust network that I have. I think that I am done,
>| finally.
>
> That depends on where/how you generated your keys.
>
> FYI, I regenerate all new authentication keys more than once a year. Maybe
> you should do that, too. I don't do it for fear that my keys have been
> compromised. In fact, doing this may actually increase that exposure a tiny
> bit. Instead, I do it to "keep in practice", so I don't forget all the steps
> I need to do to update everything. I don't want to be in a situation where
> I suddenly _need_ to do this and have forgotten what all I need to do to
> carry it out correctly.
>