Back to list
*Note: Email address will appear as "user domain ext" to prevent harvesting.
Debian generated SSH-Keys working exploit
May 15 2008 05:54AM
mm deadbeef de
the debian openssl issue leads that there are only 65.536 possible ssh keys generated, cause the only entropy is the pid of the process generating the key.
This leads to that the following perl script can be used with the precalculated ssh keys to brute force the ssh login. I...
[ more ]
Copyright 2010, SecurityFocus