Comments on: Time to get a new set of keys http://www.mckeay.net/2008/05/15/time-to-get-a-new-set-of-keys/ The views of one man on security, privacy and anything else that catches his attention Wed, 20 Aug 2008 09:56:21 +0000 http://wordpress.org/?v=abc By: Eric http://www.mckeay.net/2008/05/15/time-to-get-a-new-set-of-keys/#comment-1903 Eric Thu, 15 May 2008 20:40:33 +0000 http://www.mckeay.net/2008/05/15/time-to-get-a-new-set-of-keys/#comment-1903 As Martin said, I'd recommend updating your system and regenerating your keys either way. It's probably good practice to regenerate them pretty frequently. I did a brief audit of my /var/log/auth and noticed an increased number of ssh-scans. From a simple regional ISP, 4 a day seems pretty excessive. Of course I've got my honeypot set to give them 4 shots to log in before rejecting them for good, so I'd love to know how much they'd be hitting it if they were trying to brute force it. As Martin said, I’d recommend updating your system and regenerating your keys either way. It’s probably good practice to regenerate them pretty frequently. I did a brief audit of my /var/log/auth and noticed an increased number of ssh-scans. From a simple regional ISP, 4 a day seems pretty excessive. Of course I’ve got my honeypot set to give them 4 shots to log in before rejecting them for good, so I’d love to know how much they’d be hitting it if they were trying to brute force it.

]]> By: Martin http://www.mckeay.net/2008/05/15/time-to-get-a-new-set-of-keys/#comment-1900 Martin Thu, 15 May 2008 19:29:38 +0000 http://www.mckeay.net/2008/05/15/time-to-get-a-new-set-of-keys/#comment-1900 I'm not certain, but I suspect they are. I don't have any linux servers at home anymore and I'm not responsible for any professionally, so I haven't looked into the issue other than the basics. Martin I’m not certain, but I suspect they are. I don’t have any linux servers at home anymore and I’m not responsible for any professionally, so I haven’t looked into the issue other than the basics.

Martin

]]> By: Eric http://www.mckeay.net/2008/05/15/time-to-get-a-new-set-of-keys/#comment-1899 Eric Thu, 15 May 2008 19:04:43 +0000 http://www.mckeay.net/2008/05/15/time-to-get-a-new-set-of-keys/#comment-1899 Was this addressed with the OpenSSH update that came out over the past 2 days? Was this addressed with the OpenSSH update that came out over the past 2 days?

]]>