7th September 2011
comet--berkeley
Real Name: Richard
Package Pilot
 
Join Date: Apr 2009
Location: California
Posts: 142
Security breach at kernel.org - Debian Random Number Generator

Yesterday the Register reported that Linus Torvalds, creator of Linux, stopped using kernel.org.

http://www.theregister.co.uk/2011/09...el_for_github/

Apparently the breach of kernel.org is related to a bug in the Debian Linux random number generator which greatly reduced the number of SSH keys that a cracker needs to try:

http://www.theregister.co.uk/2011/08...curity_breach/

http://www.theregister.co.uk/2008/08...tacks_warning/

Sadly, Debian is also the base for Ubuntu and many other Linux distributions so they all had this bad random number generator.

It is not enough to fix the Linux systems. The old SSH keys (public, private, etc.) need to be regenerated and redistributed after the fix as well...