Bonum Certa Men Certa

The Notorious, Catastrophic 2008 Debian OpenSSH Vulnerability

posted by Roy Schestowitz on Jun 08, 2024,
updated Jun 08, 2024

Debian logo

Debian OpenSSH Vulnerability, Jasone Blevins. (2008)

In May 2008, a bug was discovered in the Debian OpenSSL package which affected the seeding of the random number generator (RNG) used to generate keys. Any SSH keys generated by affected systems should be considered compromised. GnuPG keys are not affected. See the official Debian security advisory for details.

This does not mean that an attacker could immediately guess your private key, but because there was significantly less entropy being introduced into the seeding of the RNG, the key space was significantly reduced making a brute-force attack feasible. As I understand it, the primary source of entropy for seeding the RNG was originally uninitialized memory from the heap. Additional, more predictable components like the current process ID (an integer between 1 and 32,768) were also used. Due to an erroneous patch introduced in September 2006, uninitialized memory was no longer used in seeding the RNG leaving the process ID as the primary source of randomness. Thus, generated keys can be predicted to the extent that one knows how soon after boot time a key was generated. For example, SSH host keys are usually generated immediately after installation and so they are likely to have been generated by a processes with IDs, say, less than 500.

If it were not for this ever so small bit of “randomness,” this bug would likely have been discovered much sooner, before the patch made it to stable distributions, as someone would have noticed that all their SSH keys were the same. Unfortunately, as they say, bad cryptography looks the same as good cryptography.

Once the bug was discovered, Debian security updates were released that blacklisted the vulnerable keys, causing the system to fall back to a password-based login. If you have an affected key and try to log into an updated system, you may see a message like the following:

Public key 81:e6:75:64:17:5f:e2:ff:12:c3:ac:85:43:1e:6a:3c blacklisted (see ssh-vulnkey(1)); refusing to send it 

Thus as long as your system is up to date, you can sleep well knowing that it won’t be compromised and update your key at your leisure. However, if you have been used to using ssh-agent and key-based authentication, typing your password over and over will soon become burdensome and you’ll want to generate a new key.

The remainder of this article discusses how to check your key and generate a new one if necessary. If you would like to read more about the situation, Russ Cox wrote a very nice article which provides some technical background and documents the decisions leading up to the offending patch.

Read on...

Other Recent Techrights' Posts

'India Today' is a Slopfarm, Sometimes 'Covering' "Linux" With Slop Images
New example of pure BS
Rumours of IBM Layoffs Again, This Time Marketing
It's "bad marketing" to talk about layoffs
Slopwatch: linuxsecurity.com and hamradio.my (in Planet Ubuntu) Are at It Again With LLM Slop About "Linux"
LLM slop does not save time
Bluewashing Ends DEI at IBM and at Red Hat (HR or Hiring Become Gender- and Race-Neutral)
All that "whitelist is racist" stuff is likely a thing of the past
 
Sierra Leone: Android Up to Record Highs, Windows Falls to Record Lows of Almost 5% (15 Years Ago It Was 100%)
This is what happens when about 83% of Web requests come from mobile
Margarita Manterola (marga, Google) & Debian DebConf13 Swiss venue intrigue
Reprinted with permission from Daniel Pocock
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Friday, March 14, 2025
IRC logs for Friday, March 14, 2025
Gemini Links 14/03/2025: Grizzy Bear and Prime Beats
Links for the day
Links 14/03/2025: ProPublica Admitting That It Uses Slop (Foolish Move), RIP Mark Klein
Links for the day
Windows is Fast Becoming Insignificant to Zimbabweans
based on this survey, less than 1 in 6 Web requests may originate from Windows
The Fall of the Open Source Initiative (OSI): The OSI Does Not Speak For You, OSI Staff Speaks for GAFAM/Microsoft (the Paymasters)
they speak for proprietary software companies, but they wear "open" on their sleeve
Microsoft Money Used for Abuse of Women and Against Journalism in Support of Women (the Victims)
"Never interrupt your opponent while he is in the middle of making a mistake."
Links 14/03/2025: Chinese Tensions With Australia, Putin Turns Down Ceasefire
Links for the day
Gemini Links 14/03/2025: Löjl and Docker Context Stuff
Links for the day
Links 14/03/2025: Scam Currencies in the US and Oligarchs (Including GAFAM) Controlling All the Major Policies
Links for the day
Antisemitic Attacks on Richard Matthew Stallman (RMS) in Wikipedia This Week
Did the man strike a nerve or what?
Links 13/03/2025: Intel Rotates Figurehead and South Korea Imports Karen People From Myanmar
Links for the day
Meanwhile at Microsoft Canonical...
Promoting proprietary surveillance by a company that actively attacks Linux in a lot of ways
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Thursday, March 13, 2025
IRC logs for Thursday, March 13, 2025
Links 13/03/2025: Calculators and Spreadsheets, Returning to a Human Internet
Links for the day
Links 13/03/2025: Further Assaults on Science and Education in the US
Links for the day
Expect XBox to Be Shut Down Like Skype
"hey hi"-washing fools nobody
Truth Hurts (Especially Some Dishonest and/or Greedy People), But Reporting Truth is What Makes Journalism Valuable to the General Public and Helps Protect Society From Abuse by Sociopaths or Pathological Liars
When it comes to reporting, we're on the side of female victims, not the men who strangle them.
New Paper Reveals the Web (and Net) Drowns in LLM Slop, "Linux" is Impacted Too
It will be getting harder to trust anything on the Web
Links 13/03/2025: RIP, Carl Lundström; Tesla (the Company, Not Scientist It Piggybacks) Besieged by Public Backlash
Links for the day
Gemini Links 13/03/2025: MElon "Greek Tragedy" and Going Offline More
Links for the day
Richard Matthew Stallman, or rms (RMS), Turns 72 This Coming Weekend
This coming Sunday he deserves a cake
Links 13/03/2025: COVID-19 Legacies and "Modern" Cars as Spying Machines on Wheels
Links for the day
Over at Tux Machines...
GNU/Linux news for the past day
IRC Proceedings: Wednesday, March 12, 2025
IRC logs for Wednesday, March 12, 2025