[Nevis-linux] ssh keys
seligman at nevis.columbia.edu
Mon Oct 6 12:52:06 EDT 2008
If you don't know what an "ssh key" is, or you have never set up "pine without a
password" as described in
<http://www.nevis.columbia.edu/mail/pine-without-password.html>, you can ignore
On 03-Sep-2008, I sent out a notice about a security incident at Nevis, and
asked everyone to change their passwords. Unfortunately, I have learned that
the attacker potentially had access to some users' ssh keys as well.
At the time of the security incident, I changed all the system and my personal
ssh keys, since I thought those there the only ones relevant to the attack. Now
that I know that the attacker had access to other ssh keys, I must ask everyone
to change their ssh keys as well.
I know that, in some ways, changing your ssh keys can be more painful than
changing your passwords. If you need some help in going through this procedure,
please let me know.
Bill Seligman | Phone: (914) 591-2823
Nevis Labs, Columbia Univ | mailto://email@example.com
PO Box 137 | http://www.nevis.columbia.edu/~seligman/
Irvington NY 10533 USA | XDI: http://public.xdi.org/=william.seligman
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 3277 bytes
Desc: S/MIME Cryptographic Signature
Url : http://listserv.nevis.columbia.edu/pipermail/nevis-linux/attachments/20081006/706398d3/attachment.bin
More information about the Nevis-linux