Issue 89513 - Please update my DSA ssh key
Summary: Please update my DSA ssh key
Status: CLOSED FIXED
Alias: None
Product: Infrastructure
Classification: Infrastructure
Component: Website general issues (show other issues)
Version: current
Hardware: All All
: P2 Trivial (vote)
Target Milestone: ---
Assignee: Unknown
QA Contact: issues@www
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2008-05-15 16:23 UTC by thb
Modified: 2009-11-03 08:56 UTC (History)
2 users (show)

See Also:
Issue Type: DEFECT
Latest Confirmation in: ---
Developer Difficulty: ---

Attachments
new dsa key (601 bytes, text/plain)
2008-05-15 16:29 UTC, thb 		no flags Details
old ssh key (599 bytes, text/plain)
2009-11-02 09:52 UTC, thb 		no flags Details
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this issue.
Description thb 2008-05-15 16:23:58 UTC 
Due to http://www.debian.org/security/2008/dsa-1571 my ssh key is potentially
insecure, please update to the new one.
Comment 1 thb 2008-05-15 16:29:05 UTC 
Created attachment 53671 [details]
new dsa key
Comment 2 stx123 2008-05-16 15:07:53 UTC 
Your old key has been removed and the new one is in place.
Comment 3 thb 2008-06-03 13:08:49 UTC 
Nope. Old, vulnerable key is _still_ active (the new one as well, that's good -
but please remove the old one, as it poses a significant security risk). The
old, to-be-removed key has the fingerprint
5e:ed:a0:82:8c:cf:c3:60:cc:37:cb:b9:a6:26:24:7b. Thanks.
Comment 4 lsuarezpotts 2009-10-13 22:13:57 UTC 
Has this been done? I looked at the SSH2 keys for user thb and found only the current one....

Louis
Comment 5 thb 2009-10-14 17:32:15 UTC 
Yes, this is _still_ the case, just tried it. Incredible. :(
Comment 6 thb 2009-10-14 17:33:06 UTC 
(hearsay had it there is another keyring at collab)
Comment 7 thb 2009-10-14 17:34:27 UTC 
gah.
Comment 8 lsuarezpotts 2009-10-21 17:49:53 UTC 
support: can you see if you can find user thb's other key? I see only one, when I use my admin privileges 
to manage ssh2 keys.

thanks
louis
Comment 9 Unknown 2009-10-22 22:26:01 UTC 
thb

Can you copy/paste your old SSH key that needs to be deleted from the server.
Our administrators haven't found your older key on the server except for the
current/new one.

Regards
N Deepak
Technical Support Engineer
CollabNet Inc.
Comment 10 Unknown 2009-10-28 03:04:36 UTC 
thb

Ping...Can you paste your old key here for us to find it in our database?

Regards
N Deepak
Technical Support Engineer
CollabNet Inc.
Comment 11 Unknown 2009-11-01 14:52:26 UTC 
thb

Any updates as yet?

Regards
N Deepak
Technical Support Engineer
CollabNet Inc.
Comment 12 thb 2009-11-02 09:51:24 UTC 
Oops, was away from my issuezilla mail - attaching public key for fingerprint:

1024 5e:ed:a0:82:8c:cf:c3:60:cc:37:cb:b9:a6:26:24:7b
Comment 13 thb 2009-11-02 09:52:23 UTC 
Created attachment 65844 [details]
old ssh key
Comment 14 Unknown 2009-11-02 16:58:39 UTC 
Thb

The old key has been deleted. Could you please check & confirm the same for me
to close this case for now?

Regards
N Deepak
Technical Support Engineer
CollabNet Inc.
Comment 15 thb 2009-11-03 08:55:42 UTC 
Confirmed fix.
Comment 16 thb 2009-11-03 08:56:21 UTC 
closing.