There is a serious security flaw in Debian openssl – the random number generator in Debian’s openssl package is predictable. As a result, cryptographic key material may be guessable.
=> Package : openssl
=> Vulnerability : predictable random number generator
=> Problem type : remote
=> Debian-specific: yes
=> CVE Id(s) : CVE-2008-0166
=> Checkout description and recommended fix at the following url:
[SECURITY] [DSA 1571-1] New openssl packages fix predictable random number generator
The SSH protocol is recommended for remote login and remote file transfer which provides confidentiality and security for data exchanged between two computer systems, through the use of public key cryptography. The OpenSSH server provides this kind of setup under Linux. It is installed by default. This how-to covers generating and using ssh keys for automated usage such as:
- Automated Login using the shell scripts.
- Making backups.
- Run commands from the shell prompt etc.
[click to continue…]