← Back to team overview

elementary-dev-community team mailing list archive

Re: URGENT: Update and change your SSH keys IMMEDIATELY

 

Better be covered! ;)

Cheers!


2014-04-08 14:57 GMT-03:00 Sergey "Shnatsel" Davidoff <
sergey@xxxxxxxxxxxxxxxx>:

> I've been over-reacting then. Sorry.
>
>
> 2014-04-08 21:33 GMT+04:00 Ramiro Algozino <algozino@xxxxxxxxx>:
>
> GitHub just tweeted:
>>
>> @github  <https://twitter.com/github> 32 min
>>  <https://twitter.com/github/status/453578068255588352>Another note
>> regarding the OpenSSL vulnerability: SSH is not affected. You don't need to
>> do anything with your SSH keys.
>>
>> Source: https://twitter.com/github/status/453578068255588352
>>
>> Cheers,
>>
>>
>> 2014-04-07 23:16 GMT-03:00 Sergey "Shnatsel" Davidoff <
>> sergey@xxxxxxxxxxxxxxxx>:
>>
>>>  Since Launchpad itself is probably vulnerable, I strongly suggest
>>> everyone with code commit and/or PPA upload permissions to CLEAR ALL
>>> COOKIES and refrain from using Launchpad until
>>> https://bugs.launchpad.net/launchpad/+bug/1304136 is fixed.
>>>
>>>
>>> 2014-04-08 5:14 GMT+04:00 Sergey "Shnatsel" Davidoff <
>>> sergey@xxxxxxxxxxxxxxxx>:
>>>
>>> Oh yeah, right, don't forget to change your important passwords too!
>>>>
>>>>
>>>> 2014-04-08 4:56 GMT+04:00 desiderantes@xxxxxxxxxxxxxx <
>>>> desiderantes@xxxxxxxxxxxxxx>:
>>>>
>>>> SSH does not use TLS per se, so revoking ssh keys is not that useful
>>>>>
>>>>> Enviado desde Mail con Replicant
>>>>>
>>>>>  ------------------------------
>>>>> * From: * victor-eduardo <victoreduardm@xxxxxxxxx>;
>>>>> * To: * Sergey Shnatsel Davidoff <sergey@xxxxxxxxxxxxxxxx>;
>>>>> * Cc: * elementary-dev-community@xxxxxxxxxxxxxxxxxxx <
>>>>> elementary-dev-community@xxxxxxxxxxxxxxxxxxx>;
>>>>> * Subject: * Re: [Elementary-dev-community] URGENT: Update and change
>>>>> your SSH keys IMMEDIATELY
>>>>> * Sent: * Tue, Apr 8, 2014 12:36:30 AM
>>>>>
>>>>>   Thanks for the heads up!
>>>>>
>>>>> OpenSSL is flawed by design indeed :(
>>>>>
>>>>> On lun, abr 7, 2014 at 6:31 , Sergey Shnatsel Davidoff <
>>>>> sergey@xxxxxxxxxxxxxxxx> wrote:
>>>>>
>>>>> Also do not forget to revoke the older keys wherever they are used -
>>>>> Launchpad, etc.
>>>>>
>>>>>
>>>>> 2014-04-08 3:45 GMT+04:00 Sergey "Shnatsel" Davidoff <
>>>>> sergey@xxxxxxxxxxxxxxxx>:
>>>>>
>>>>>> There's a killer bug in OpenSSL that leaks private keys! Update your
>>>>>> system and change your SSH private keys (and other private keys for good
>>>>>> measure) IMMEDIATELY!
>>>>>>
>>>>>> More info at http://heartbleed.com/
>>>>>> *runs off to upgrade all machines and change keys everywhere*
>>>>>> --
>>>>>> Sergey "Shnatsel" Davidoff
>>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Sergey "Shnatsel" Davidoff
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> Sergey "Shnatsel" Davidoff
>>>>
>>>
>>>
>>>
>>> --
>>> Sergey "Shnatsel" Davidoff
>>>
>>> --
>>> Mailing list: https://launchpad.net/~elementary-dev-community
>>> Post to     : elementary-dev-community@xxxxxxxxxxxxxxxxxxx
>>> Unsubscribe : https://launchpad.net/~elementary-dev-community
>>> More help   : https://help.launchpad.net/ListHelp
>>>
>>>
>>
>>
>> --
>> Ramiro Algozino
>> http://ramiroalgozino.com.ar/
>>
>
>
>
> --
> Sergey "Shnatsel" Davidoff
>



-- 
Ramiro Algozino
http://ramiroalgozino.com.ar/

References