-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Carl F?rstenberg:
but surely, can't all the keys people are using
for logging in been compromized?
i'm not sure what you're asking here. as far as i understand the problem,
using an SSH key to log into an affected server does not compromise the key.
(if it did, that would be very bad, because the point of asymmetric
cryptography is that the other end doesn't know your private key.)
the key _is_ affected if you copy the private part of the key to an affected
server and use it there.
- river.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.8 (SunOS)
iEYEARECAAYFAkgqugcACgkQIXd7fCuc5vKmcQCfc7EOSyReiUzclEhrqVRLkZ51
gOUAoL+X5IkqeS31PREL1w6SpBGBH7PA
=Srv4
-----END PGP SIGNATURE-----