Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

Dowse::BadSSH on CPAN

Journal written by mugwumpjism (1871) and posted by brian_d_foy on 2008.05.16 0:55   Printer-friendly

One of the nasty things about the recent OpenSSH vulnerability is that it affects non-debian systems, too.

Thankfully the script to find the bad keys was written in Perl. With a bit of back-porting, I managed to get it to work with perl 5.6.1, and thanks to the magic of Module::Install, I have made a tarball which includes the dependencies of the debian-published script and uploaded to CPAN as Dowse::BadSSH.

Unlike the published script, the updated dowkd.pl is capable of removing bad keys and checks more places on the system, such as known_hosts files and the system host key.

Portability patches more than welcomed.

Yes, I realise I probably should have based my work off the upstream sources

Also available from utsl.gen.nz

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.
  • This is a little confusing to install via the CPAN shell because you can't just say "install Dowse::BadSSH". Instead, I had to say "install SAMV/Dowse-BadSSH-0.07.tar.gz"

    I recommend that you add a trivial .pm to the file with a tiny bit of POD explaining