May 13th, 2008
OpenSSL Vulnerability CVE-2008-0166
A vulnerability in many versions of the Debian OpenSSL library causes it to produce predictable keys.
What you should do if you are running Debian or Ubuntu
If you are running any version of Debian or Ubuntu, you should install the patched version of the openssl package and regenerate any cryptographic keys or certificates that were built using the old version. Updates also exist for related packages that blacklist use of known bad keys.
Note that simply updating the packages is not sufficient to fix this issue; you will also need to actively replace any and all keys that are vulnerable.
A test for vulnerability can be downloaded here
To update an existing slice:
Debian
aptitude update
aptitude upgrade && aptitude dist-upgrade
Ubuntu 7.10 & 8.04
aptitude update
aptitude safe-upgrade && aptitude full-upgrade
What you should do if you are running any other distro
Due to the way your slice is initially built, other distros that are not directly vulnerable may have weak SSH host keys. We recommend regenerating all slice host keys at this time, which would look something like this:
rm /etc/ssh/ssh_host_[rd]sa_key
ssh-keygen -t dsa -N "" -f /etc/ssh/ssh_host_dsa_key
ssh-keygen -t rsa -N "" -f /etc/ssh/ssh_host_rsa_key
/etc/init.d/ssh restart
Note that on non-Debian/Ubuntu slices, only the 2 host keys would potentially be affected.
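To confirm which host keys in /etc/ssh still match a list of known bad keys, before and after regenerating them, a check along these lines can be used. This is an added example, not part of the original announcement or of the blacklist packages it mentions; the function names and the list format (one hex MD5 fingerprint per line, no colons) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: flag SSH host public keys whose MD5 fingerprint appears on a
# known-bad list. ASSUMPTION: the list holds one hex MD5 fingerprint per line,
# without colons; this format is made up for the example.

# md5_fingerprint FILE.pub -> 32 hex chars: MD5 over the decoded key blob,
# i.e. the classic colon-separated SSH fingerprint with the colons removed.
md5_fingerprint() {
    blob=$(awk 'NR == 1 {print $2}' "$1")
    [ -n "$blob" ] || return 1
    printf '%s' "$blob" | base64 -d 2>/dev/null | md5sum | awk '{print $1}'
}

# audit_host_keys DIR BLACKLIST
# Prints "WEAK", "ok" or "unreadable" plus the path for each host public key.
# Returns 0 if no key is listed, 1 if at least one is, 2 if nothing was checked.
audit_host_keys() {
    dir=$1; blacklist=$2; weak=0; checked=0
    [ -d "$dir" ] && [ -r "$blacklist" ] || return 2
    for pub in "$dir"/ssh_host_*_key.pub; do
        [ -f "$pub" ] || continue            # glob matched nothing
        fp=$(md5_fingerprint "$pub") || { echo "unreadable $pub"; continue; }
        checked=$((checked + 1))
        if grep -qixF "$fp" "$blacklist"; then
            echo "WEAK $pub"                 # regenerate this key
            weak=$((weak + 1))
        else
            echo "ok $pub"
        fi
    done
    [ "$checked" -gt 0 ] || return 2
    [ "$weak" -eq 0 ]
}

# Command-line use (hypothetical file name): sh audit.sh /etc/ssh /path/to/blacklist
if [ "$#" -eq 2 ]; then
    audit_host_keys "$1" "$2"
fi
```

An "ok" result only means the key is not on the list supplied; the recommendation above to regenerate all host keys still applies.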
Our Debian and Ubuntu base installs are updated to fix this issue. Any slices built after Wed May 14 GMT 17:00 are already patched.
For questions and comments please use this forum thread
May 14th, 2008 at 03:02 AM Lex
Whew, what a mess. I’m glad I’m on Gentoo.
Looks like you need some newlines in that example to regenerate host keys…
May 14th, 2008 at 07:14 AM Stéphane Bortzmeyer
Lex, read the announcement again. Even if you have Gentoo, you are probably vulnerable, since the initial SSH keys were apparently generated on Debian…
May 14th, 2008 at 03:21 PM Rob Wilmshurst
I’m running two Gentoo slices and the keys on both needed regenerating (one is only a week or so old), so it’s definitely not just a Debian slice issue.
Once I’d removed the ssh_host* keys (stopped sshd first) it was just a case of starting sshd again; no need to manually regenerate the keys.
-Rob
May 14th, 2008 at 04:22 PM Lex
Oh, I already remade my host key. I’m just glad I don’t have to remake my self-signed CA and SSL certificates, and my user SSH keys. Thanks for the heads-up, though, Stéphane.
May 14th, 2008 at 08:47 PM Grant
Thanks for the heads up!
May 15th, 2008 at 03:08 AM Chris
Yes, thanks for the heads-up on this one.
I suggest you kick out a message on your Twitter to let as many people know as possible.
Sheesh, can’t believe this big of a ‘hole’ existed for so long.
Thanks again, SliceHost … quick action and a relatively painless fix.
May 21st, 2008 at 01:54 AM Matt
Greatly appreciate the heads up! Keep up the good work.
On a side note, it’d be cool if there was an announcement mailing list for stuff like this. I don’t get to surf the blogs as often as I’d like :-(. Having a low-volume announce list would definitely make things more noticeable (at least for me).