Re: where did www.debian.org/security/key-rollover/ go?

Douglas A. Tutty wrote:
After keys are regenerated and all old keys are removed, would a reboot
be in order to ensure that no apps are using old files that have been
unlinked but still open?

If replacing a key for a daemon like ssh, or apache, or postfix, restart
the daemon. Some of these daemons read the key file into memory on
startup and never re-read it.

I don't suppose that new version of (was it ssh) in Sid that warns of
connections with weak keys will be backported to Etch as a security fix?

Yes, ssh in etch will be updated.

--
see shy jo

Attachment: signature.asc
Description: Digital signature

Relevant Pages

  • SUMMARY : SSH installation on Solaris 8
    ... Part of the installation sequence is the following: ... I have follwed below document and able to install the ssh long back ... All of the required packages of this tutorial is available from ... Create a startup script for the ssh daemon. ...
    (SunManagers)
  • Remote SSH commands
    ... Tipically If you run a remote command using SSH the behavior is the ... What about if instead of ls I want to execute a daemon and leave the ...
    (comp.os.linux.networking)
  • Re: backdoor named tvic / Kayten / ttyshd download in apache logfile
    ... The ttyshd opened a telnet account for them. ... They replaced the ssh daemon and the log/network daemons. ... Yes some cgi and php. ...
    (comp.security.unix)
  • hardening SSH
    ... My primary box (for ssh, it's the my daemon) is on dsl. ... I checked my secure log file (on the daemon box), and have examples of IPs that I was assigned. ...
    (Fedora)
  • Re: problems with jail
    ... Active Internet connections ... I can't find anything on limiting sockets of these to a ... Please post the output of the command above to see why you get ssh connections ... to your jail IP answered by the host's ssh daemon. ...
    (freebsd-questions)