Login or Register to Ask a Question and Join Our Community


Security Advisories (RSS)

Ubuntu: openssl-blacklist update

Login to Discuss or Reply to this Discussion in Our Community

 
Thread Tools Search this Thread
Special Forums Cybersecurity Security Advisories (RSS) Ubuntu: openssl-blacklist update
# 1  
Old 05-21-2008
Ubuntu: openssl-blacklist update
LinuxSecurity.com: USN-612-3 addressed a weakness in OpenSSL certificate and key generation in OpenVPN by introducing openssl-blacklist to aid in detecting vulnerable private keys. This update enhances the openssl-vulnkey tool to check X.509 certificates as well, and provides the corresponding update for Ubuntu 6.06. While the OpenSSL in Ubuntu 6.06 was not vulnerable, openssl-blacklist is now provided for Ubuntu 6.06 for checking certificates and keys that may have been imported on these systems.

More...
Login or Register to Ask a Question

Previous Thread | Next Thread

1 More Discussions You Might Find Interesting

1. Solaris

Solaris v Ubuntu using OpenSSL paste problem

Hello, I hope this means something to someone. I have an odd problem that just started happening recently. I am not the system admin, so I don't have full info on any changes to the system lately. Except that I did upgrade OpenSSL to version 1.0.1.c from 1.0.0j. Anyway, I am trying to... (4 Replies)
Discussion started by: jonycp
4 Replies
Login or Register to Ask a Question

LEARN ABOUT OPENSOLARIS

gendsa

gendsa(1openssl)						      OpenSSL							  gendsa(1openssl)

NAME

       gendsa - generate a DSA private key from a set of parameters

SYNOPSIS

       openssl gendsa [-out filename] [-des] [-des3] [-idea] [-rand file(s)] [-engine id] [paramfile]

DESCRIPTION

       The gendsa command generates a DSA private key from a DSA parameter file (which will be typically generated by the openssl dsaparam com-
       mand).

OPTIONS

       -des|-des3|-idea
	   These options encrypt the private key with the DES, triple DES, or the IDEA ciphers respectively before outputting it. A pass phrase is
	   prompted for.  If none of these options is specified no encryption is used.

       -rand file(s)
	   a file or files containing random data used to seed the random number generator, or an EGD socket (see RAND_egd(3)).  Multiple files
	   can be specified separated by a OS-dependent character.  The separator is ; for MS-Windows, , for OpenVMS, and : for all others.

       -engine id
	   specifying an engine (by it's unique id string) will cause req to attempt to obtain a functional reference to the specified engine,
	   thus initialising it if needed. The engine will then be set as the default for all available algorithms.

       paramfile
	   This option specifies the DSA parameter file to use. The parameters in this file determine the size of the private key. DSA parameters
	   can be generated and examined using the openssl dsaparam command.

NOTES

       DSA key generation is little more than random number generation so it is much quicker that RSA key generation for example.

SEE ALSO

       dsaparam(1), dsa(1), genrsa(1), rsa(1)

OpenSSL-0.9.8							    Oct 11 2005 						  gendsa(1openssl)