Another round of testing calls.
Markus Friedl
markus at openbsd.org
Fri Oct 26 22:14:07 EST 2001
On Fri, Oct 26, 2001 at 11:45:57AM +0200, Wojtek Pilorz wrote:
> A particularly pernicious problem arises with DSA keys (used by the
> ssh2 protocol). Performing a DSA signature (which is required for
> authentication) entails the use of a 160-bit random number. If an
> attacker can predict this number, then they can deduce your *private*
> key and impersonate you or your hosts.
don't generate a DSA hostkey if you care about this.