The OpenSSL Vulnerability
I recently established my network to use SSH connections. My three Ubuntu systems I discovered were using weak keys that had been generated using the flawed packages. If you haven’t been paying attention, Canonical issued USN-612-1 on 5/13/2008. If you’re using keys that have been generated since September 2006, it’s likely that you need to regenerate all keys. If you have any doubts, I encourage you to regenerate all keys. It will affect any key used that was generated on a compromised system. The biggest trouble for me was getting OpenSSL and OpenSSH-server packages to update. I used the ssh-copy-id command to make it the process easy for me.
