remedying debian ssl issue

[der.hans]

Am 13. Mai, 2008 schwätzte Alex Dean so:

> I've got a personal server and a laptop running Ubuntu Hardy.  I've run full 
> system updates including libssl, openssl, etc.
>
> Crypto isn't really my thing, so I'm not sure all the places where this issue 
> might have affected me.  After the update, I regenerated my host keys for 
> openssh, the certificate used for courier-imap-ssl, and the self-signed cert 
> I use for the web server.
>
> What other steps might I need to take?  Are the things I've done so far 
> sensible, or were they unnecessary?

Sensible if the certs were generated in the last couple of years.

I think certs/keys older than 2006 should be safe.

If you have client sessions open to services make sure they get restarted
as well.

One of the posts I read suggested also changing passwords for systems that
had weak keys.

Luckily most of my keys are older than the bug :).

ciao,

der.hans
-- 
#  https://www.LuftHans.com/        https://LOPSA.org/
#  If determining good culture is left up to busybodies and politicians,
#  we will be left with culture fit only for busybodies and politicians.
#                                                -- Jeff Taylor, Reason