Bonum Certa Men Certa

The Notorious, Catastrophic 2008 Debian OpenSSH Vulnerability

posted by Roy Schestowitz on Jun 08, 2024,
updated Jun 08, 2024

Debian logo

Debian OpenSSH Vulnerability, Jasone Blevins. (2008)

In May 2008, a bug was discovered in the Debian OpenSSL package which affected the seeding of the random number generator (RNG) used to generate keys. Any SSH keys generated by affected systems should be considered compromised. GnuPG keys are not affected. See the official Debian security advisory for details.

This does not mean that an attacker could immediately guess your private key, but because there was significantly less entropy being introduced into the seeding of the RNG, the key space was significantly reduced making a brute-force attack feasible. As I understand it, the primary source of entropy for seeding the RNG was originally uninitialized memory from the heap. Additional, more predictable components like the current process ID (an integer between 1 and 32,768) were also used. Due to an erroneous patch introduced in September 2006, uninitialized memory was no longer used in seeding the RNG leaving the process ID as the primary source of randomness. Thus, generated keys can be predicted to the extent that one knows how soon after boot time a key was generated. For example, SSH host keys are usually generated immediately after installation and so they are likely to have been generated by a processes with IDs, say, less than 500.

If it were not for this ever so small bit of “randomness,” this bug would likely have been discovered much sooner, before the patch made it to stable distributions, as someone would have noticed that all their SSH keys were the same. Unfortunately, as they say, bad cryptography looks the same as good cryptography.

Once the bug was discovered, Debian security updates were released that blacklisted the vulnerable keys, causing the system to fall back to a password-based login. If you have an affected key and try to log into an updated system, you may see a message like the following:

Public key 81:e6:75:64:17:5f:e2:ff:12:c3:ac:85:43:1e:6a:3c blacklisted (see ssh-vulnkey(1)); refusing to send it

Thus as long as your system is up to date, you can sleep well knowing that it won’t be compromised and update your key at your leisure. However, if you have been used to using ssh-agent and key-based authentication, typing your password over and over will soon become burdensome and you’ll want to generate a new key.

The remainder of this article discusses how to check your key and generate a new one if necessary. If you would like to read more about the situation, Russ Cox wrote a very nice article which provides some technical background and documents the decisions leading up to the offending patch.

Read on...

Other Recent Techrights' Posts

Google Has Mass Layoffs (Again), But the Problem is Vastly Larger
started as a rumour about January 2025
Electronic Frontier Foundation Defends Companies That Attack Free Speech Online (Follow the Money)
One might joke that today's EFF has basically adopted the same stance as Donald Trump and has a "warm spot" for BRICS propaganda
 
Christmas FUD From Microsoft, Smearing "SSH" When the Real Issue is Microsoft Windows
And since Microsoft's software contains back doors, only a fool would allow any part of SSH on Microsoft's environments, which should be presumed compromised
Paywalls, Bots, Spam, and Spyware is "Future of the Media" According to UK Press Gazette
"managers want more LLM slop"
On BetaNews Latest Technology News: "We are moderately confident this text was [LLM Chatbot] generated"
The future of newsrooms or another site circling down the drain with spam, slop, or both?
"The Real New Year" is Now
Happy solstice
Microsoft OSI Reads Techrights Closely
Microsoft OSI has also fraudulently attempted to censor Techrights several times over the years
"Warning About IBM's Labor Practices"
IBM is not growing and its revenue is just "borrowed" from companies it is buying; a lot of this revenue gets spent paying the interest on considerable debt
[Meme] The Easier Way to Make Money
With patents...
The Curse (to Microsoft) of the Faroe Islands
The common factor there seems to be Apple
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, December 20, 2024
IRC logs for Friday, December 20, 2024
Gemini Links 21/12/2024: Death of Mike Case, Slow and Sudden End of the Web
Links for the day
Links 20/12/2024: Security Patches, Openwashing by Open Source Initiative, Prison Sentence for Bitcoin Charlatan and Fraud
Links for the day
Another Terrible Month for Microsoft in Web Servers
Consistent downward curve
LLM Slop Disguised as Journalism: The Latest Threat to the Web
A lot of it is to do with proprietary GitHub, i.e. Microsoft
Gemini Links 20/12/2024: Regulation and Implementing Graphics
Links for the day
Links 20/12/2024: Windows Breaks Itself, Mass Layoffs Coming to Google Again (Big Wave)
Links for the day
Microsoft: "Upgrade" to Vista 11 Today, We'll Brick Your Audio and You Cannot Prevent This
Windows Update is obligatory, so...
The Unspeakable National Security Threat: Plasticwares as the New Industrial Standard
Made to last or made to be as cheap as possible? Meritocracy or industrial rat races are everywhere now.
Microsoft's All-Time Lows in Macao and Hong Kong
Microsoft is having a hard time in China, not only for political reasons
[Meme] "It Was Like a Nuclear Winter"
This won't happen again, will it?
If You Know That Hey Hi (AI) is Hype, Then Stop Participating in It
bogus narrative of "Hey Hi (AI) arms race" and "era/age of Hey Hi" and "Hey Hi Revolution"
Bangladesh (Population Close to 200 Million) Sees Highest GNU/Linux Adoption Levels Ever
Microsoft barely has a grip on this country. It used to.
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, December 19, 2024
IRC logs for Thursday, December 19, 2024
Gemini Links 19/12/2024: Fast Year Passes and Advent of Code Ongoing
Links for the day
Twitter is Going to Fall Out of Top 100 Domains as Clownflare (DNS MitM) Sees It
evidence of Twitter's (X's) collapse
[Meme] Making Choices at the EPO
Decisions, decisions...
'Dark Patterns' or a Trap at the European Patent Office (EPO)
insincere if not malicious E-mail from the EPO's dictators
There's an Abundance of Articles About the New Release of Kali Linux, But This One is a Fake
It can add nothing except casual misinformation (fed back into the model to reinforce lies)
Large and Significant Error Correction in South America?
Windows now has less than half what Android achieved in terms of "market share"
IBM's Leadership Ruining Lives of People Who Thought Working for IBM Would be OK
Nobody gets fire-lined for buying IBM?
The United States' Authorities Ought to Become Enforcers of the General Public License (GPL) for National Security's Sake
US federal agencies ought to pursue availability of code and GPL compliance (copyleft), not bans
The Problem of Microsoft Security Problems is Microsoft (the Solution is to Quit Microsoft) and "Salt Typhoon" Coverage Must Name CALEA Back Doors
Name the holes, not those who exploit them.
A "Year of Efficiency"
No, we don't mean layoffs
Links 19/12/2024: Astronaut Record and Observer Absorbed
Links for the day
Links 19/12/2024: Seven Dirty Words and Isle Release v0.0.3 (Alpha)
Links for the day
Links 19/12/2024: Nurses Besieged by "Apps", More Harms of Social Control Media Illuminated
Links for the day
15 Countries Where Yandex is Already Seen to be Bigger Than Microsoft (in Search)
Georgia, Syrian Arab Republic, Cyprus, Moldova, Ukraine, Armenia, Azerbaijan, Kyrgyz Republic, Uzbekistan, Kazakhstan, Turkmenistan, Tajikistan, Belarus, Turkey, and Russia
Links 19/12/2024: Magnitude 7.3 Earthquake and Privacy Camp
Links for the day
Gemini Links 19/12/2024: Port Of Miami Explosion, TurboQOA, Gnus
Links for the day
Fake Articles About 'Linux'
Dated yesterday
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, December 18, 2024
IRC logs for Wednesday, December 18, 2024