blacklisting the bad ssh keys?
Steven M. Bellovin
smb at cs.columbia.edu
Wed May 14 19:52:58 EDT 2008
Given the published list of bad ssh keys due to the Debian mistake (see
http://metasploit.com/users/hdm/tools/debian-openssl/), should sshd be
updated to contain a blacklist of those keys? I suspect that a Bloom
filter would be quite compact and efficient.
--Steve Bellovin, http://www.cs.columbia.edu/~smb
---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com
More information about the cryptography
mailing list