oss-sec mailing list archives
Re: OpenSSH key blacklisting
From: Solar Designer <solar () openwall com>
Date: Sun, 18 May 2008 20:35:10 +0400
On Sun, May 18, 2008 at 09:12:16AM -0700, Kees Cook wrote:
Ah, I haven't been separating it by arch, but I can certainly do that. I've been including the "full" hashes in the Debian openssh-blacklist source package and reducing them for the final files. I can easily split up the source blacklist files by arch and combine them during the "build".
Yes, please split by {arch, key type, key size}. That is, let's have one "source" file per combination of these.
I will probably also keep the file in PID order, and sort it during the build.
Good idea. That way, it'd be easier for us to compare your blacklists against those others may have. What about my question re: RSA keys for protocol 1 vs. protocol 2? Thanks, Alexander
Current thread:
- Re: OpenSSH key blacklisting, (continued)
- Re: OpenSSH key blacklisting Craig Edwards (Brain) (May 16)
- Re: OpenSSH key blacklisting Solar Designer (May 16)
- Re: OpenSSH key blacklisting Vincent Danen (May 16)
- Re: OpenSSH key blacklisting Robert Buchholz (May 16)
- Re: OpenSSH key blacklisting Solar Designer (May 16)
- Re: OpenSSH key blacklisting Robert Buchholz (May 17)
- Re: OpenSSH key blacklisting Solar Designer (May 17)
- Re: OpenSSH key blacklisting Robert Buchholz (May 17)
- Re: OpenSSH key blacklisting Solar Designer (May 17)
- Re: OpenSSH key blacklisting Kees Cook (May 18)
- Re: OpenSSH key blacklisting Solar Designer (May 18)
- Re: OpenSSH key blacklisting Kees Cook (May 19)
- Re: OpenSSH key blacklisting Solar Designer (May 16)
- Re: OpenSSH key blacklisting Kees Cook (May 19)
- Re: OpenSSH key blacklisting Craig Edwards (Brain) (May 16)
- Re: OpenSSH key blacklisting Kees Cook (May 18)
- Re: OpenSSH key blacklisting Matthias Andree (May 20)
- Re: OpenSSH key blacklisting Solar Designer (May 27)
- Re: OpenSSH key blacklisting Dmitry V. Levin (May 27)
- Re: OpenSSH key blacklisting Tim Brown (May 28)
- Re: OpenSSH key blacklisting Sebastian Krahmer (May 28)
- Re: OpenSSH key blacklisting Tim Brown (Jun 02)
- Re: OpenSSH key blacklisting Sebastian Krahmer (Jun 02)