[Haifux] More information about latest OpenSSL/OpenSSH/OpenVPN vulnerabilities?

Dotan Cohen dotancohen at gmail.com
Wed May 14 02:06:43 MSD 2008

2008/5/14 Tzafrir Rehan <tzafrir.r at gmail.com>:
> So apparently all keys were produced using the same random seed?
> That's simply mindblowing!

No, but a finite set of random numbers were used to generate the seed.
Basically, if you have two sufficiently similar machines you could
create a key on one, examine it, and decode a key produced on the
other. This is way over simplified, but it illustrates the point.

Any machine using a key generated on an affected machine should be
considered vulnerable. Not compromised, but vulnerable. Generate new
keys (on slackware :)) and get switching.

Dotan Cohen


A: Because it messes up the order in which people normally read text.
Q: Why is top-posting such a bad thing?

More information about the Haifux mailing list