Changes between Version 7 and Version 8 of openssl_vulnerability_2008-05


Ignore:
Timestamp:
May 14, 2008, 4:22:35 PM (13 years ago)
Author:
Jamie McClelland
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • openssl_vulnerability_2008-05

    v7 v8  
    2525== Secure Shell/Secure FTP users ==
    2626
    27 If you use Secure FTP or secure shell, you will get a message indicating that the host key has changed along the lines of:
     27We are updating the keys on `malcolm.mayfirst.org` and `mandela.mayfirst.org` at 5:30 pm Americas/New_York time, Wednesday, May 14 . After his update takes place,
     28you will get a message when you attempt to secure FTP or secure shell into one of these computers indicating that the host key has changed. The message may say something like:
    2829
    2930WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED!
     
    3132Please see our [wiki:ssl_host_key_changed host key changed] help file to avoid getting that message in the future.
    3233
    33 If you are using our offsite backup system - you will also get the [wiki:ssl_host_key_changed host key changed error] - but it will happen during your automated backup process, causing your automated backup to fail until you follow the directions and import the proper new host key.
     34== Offsite backup users ==
     35
     36We are updating the keys on our offsite backup server at 9:30 am Americas/New_York time, Thursday, May 15.
     37
     38If you are using our offsite backup system - you will also get the [wiki:ssl_host_key_changed host key changed] error when your backup runs Thursday night/Friday morning. However, it will happen during your automated backup process, causing your automated backup to fail until you follow the directions and import the proper new host key.
     39
     40== More Information ==
    3441
    3542Keep in mind that this does not affect your information or any of the functionality you have on our servers. We have not been compromised. We're just in touch because you may see this message and become concerned.
    36 
    37 == More Information ==
    3843
    3944Host keys are random bits of text that are unique to every server. The randomness of the keys allows us to have a secure, encrypted connection between you and the server. Due to a bug in the software used to generate our host keys, they were not generated in a way that was random enough: the range of bits used to create the keys was limited to a guessable number. This means that, with the proper program and lots of time, a hacker could "guess" the key. Not likely but possible and possible is good enough for us. To fix the problem, we had to re-generate all the affected keys and that's what's causing that error.