Mailing-List: contact cygwin-help AT sourceware DOT cygnus DOT com; run by ezmlm List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner AT sources DOT redhat DOT com Delivered-To: mailing list cygwin AT sources DOT redhat DOT com Date: Mon, 12 Feb 2001 10:15:20 +0100 From: Corinna Vinschen To: cygwin Subject: Re: Authentication By-Pass Vulnerability in OpenSSH 2.3.1 (devel snapshot) (fwd) Message-ID: <20010212101520.D2107@cygbert.vinschen.de> Mail-Followup-To: cygwin References: <20010209084018 DOT C4880 AT cygbert DOT vinschen DOT de> <3A83A7B3 DOT 756449B5 AT ece DOT gatech DOT edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <3A83A7B3.756449B5@ece.gatech.edu>; from cwilson@ece.gatech.edu on Fri, Feb 09, 2001 at 03:17:55AM -0500 On Fri, Feb 09, 2001 at 03:17:55AM -0500, Charles Wilson wrote: > Corinna Vinschen wrote: > > FYI for those running snapshots. I have removed the openssh-20010202 > > snapshot from cygwin/latest. > > > > If you are using the openssh-20010202 snapshot PLEASE REVERT BACK TO > > openssh-20001221 OR openssh-2.3.0p1.!!! > > This means you have to re-regenerate your RSA keys after reverting back > to the older version, right? Right, but only the SSH2 RSA keys, not the SSH1 keys. Or you drop usage of SSH2 RSA until the next official OpenSSH is released. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:cygwin AT cygwin DOT com Red Hat, Inc. -- Want to unsubscribe from this list? Check out: http://cygwin.com/ml/#unsubscribe-simple