Gnuru.org
Productive Linux


Subscribe

 Subscribe via Feedburner in a reader

Enter your email address:

Delivered by FeedBurner


Login
Login:
Password:



Don't have an account?
Sign up to Gnuru.org
Forgot your password?

Recent Posts
Delete files older than a certain date
Postgresql - multiple installs
Burn ISO to CDR on the Command Line
Screen shot from the Command Line
Make an Image Smaller for Web or Email
Is Calibre the most annoying program in the world ever?
Computer Science Degree: Possibly Useless
Terminal Emulators
Command Line Dictaphone
Fun with sed
Use rsync to copy a directory structure to VFAT
UDEV - devices mounting twice
Convert m4a to mp3 Script
NFSv4 Really Rocks if You Can Get It Working
Convert mp4 video to avi video
Burn ISO to DVD on the Command Line
Scan Network for Local Services with nmap
Bash One-Liner to Determine Mountpoint from UUID
Fail: orphaned udev rules make your life difficult
USB Pen Drives - the UDEV Automounting Secrets
New Nodes
file
Delete files older than a certain date
Postgresql - multiple installs
cdrecord
cdr
Burn ISO to CDR on the Command Line
graphics
screengrab
screenshot
Screen shot from the Command Line
convert
imagemagick
image
Make an Image Smaller for Web or Email
Tags

ACPI administration advocacy advocacy advocacy opinion alsa amarok apache apple apt aptitude audio audo authentication automount avi awk bash BIOS boot business cache calendar calibre cdr cdrecord censorship commandline computerscience console convert cron cut database date debian degree design desktop development disk dpkg dvd economics education emacs email europe exim faad ffmpeg file files firefox firewall flash foss freedom ftp fun fuse git gnumeric graphics grep growisofs grub gtkpod hardware hardware html idiocy image imagemagick images installation ip iphone ipod iptables iso itunes ivman kde kernel keyboard knoppix lame laptop latex linux locale lockin longlines m4a microsoft mimetypes minitab mount mp3 mp4 mplayer multimedia music mysql network nfs nfs4 nmap openbox openoffice opinion opinion partition pdf perl php politics postgresql printing privacy programming rant remote rhythmbox rss rsync rxvt scp screengrab screenshot script scripting scsi security sed server shell siteadmin sitenews sitesoftware skype skype slackware sound sox spam spreadsheet ssh statistics subversion sudo svk swap t23 t43 terminal text thinkpad thunderbird time timezone ubuntu udev upgrade usb usbmount users uuid versioncontrol vfat video vnc windows wine wordpress wordprocessing X40 xwindows xwindows youtube

Blogroll
Categories

Server Refuses to Accept Login
2 December 2008 @ 22:22 GMT
by Paul

I've had trouble with my server not accepting public key authorization. 'auth.log' was claiming that certain keys were blacklisted. WTF? The man page for 'ssh-vulnkey' explains:

A substantial number of keys are known to have been generated using a broken version of OpenSSL distributed by Debian which failed to seed its random number generator correctly. Keys generated using these OpenSSL versions should be assumed to be compromised. This tool may be useful in checking for such keys.

Keys that are compromised cannot be repaired; replacements must be generated using ssh-keygen(1). Make sure to update authorized_keys files on all systems where compromised keys were permitted to authenticate.

So, that's what I did. I also had to remove some of the '.ssh/known_hosts' files.

Tags: ssh administration


Leave a comment:

Are you human?