Jump to content

ArchLinux News: openssh-7.0p1 deprecates ssh-dss keys

securitybreach

By securitybreach
in Bruno's All Things Linux

 Share

Recommended Posts

securitybreach

securitybreach

Posted
Posted
openssh-7.0p1 deprecates ssh-dss keys

 

2015-08-14 - Gaetan Bisson

 

In light of recently discovered vulnerabilities, the new openssh-7.0p1 release deprecates keys of ssh-dss type, also known as DSA keys. See the upstream announcement for details.

Before updating and restarting sshd on a remote host, make sure you do not rely on such keys for connecting to it. To enumerate DSA keys granting access to a given account, use:

 

	grep ssh-dss ~/.ssh/authorized_keys

 

If you have any, ensure you have alternative means of logging in, such as key pairs of a different type, or password authentication.

 

Finally, host keys of ssh-dss type being deprecated too, you might have to confirm a new fingerprint (for a host key of a different type) when connecting to a freshly updated server.

 

 

https://www.archlinu...s-ssh-dss-keys/

  • Like 2
Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing
×
×
  • Create New...