Ubuntu

ec2 amazon instance

Asked by weber

Hi!

There is a security advisory " [USN-612-4] ssl-cert vulnerability" - according to this advisory "All OpenSSH and X.509 keys generated on such systems (ubuntu 7.04, 7.10, 8.04 LTS and Debian 4.0 (etch)) must be considered untrustworthy"

Does this thing have relation to the keys which were generated by amazon ec2-add-keypair tool?

Thanks for any help.

Question information

Language:
English Edit question
Status:
Answered
For:
Ubuntu Edit question
Assignee:
No assignee Edit question
Last query:
Last reply:
Revision history for this message
Jad Madi (jad) said : 		#1

not really sure but the report came with a solution,
first you have to upgrade your openssh and then run

sudo ssh-vulnkey -a

Revision history for this message
weber (pseudo-uzer) said : 		#2

But those keys are generated with amazon tool ec2-add-keypair, and used to access ssh on ec2 instance using private key.
ssh-vulnkey says: "Unknown (no blacklist information)" about the public key.

Thanks.

Revision history for this message
Jad Madi (jad) said : 		#3

Then consulting AWS would be the best in your case.

Can you help with this problem?

Provide an answer of your own, or ask weber for more information if necessary.

To post a message you must log in.