Date: Thu, 10 Apr 2014 12:10:09 +0200 From: Carlo Strub <cs@FreeBSD.org> To: Lena@lena.kiev.ua Cc: freebsd-security@freebsd.org, mexas@bris.ac.uk Subject: Re: FreeBSD Security Advisory FreeBSD-SA-14:06.openssl Message-ID: <1397124609.974780.949873937.113568.2@c-st.net> In-Reply-To: <20140409084809.GA2661@lena.kiev> References: <20140409084809.GA2661@lena.kiev> <201404082334.s38NYDxr098590@freefall.freebsd.org> <201404090821.s398LMg7020616@mech-cluster241.men.bris.ac.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
>=20 > SSH is not affected. >=20 SSH is indeed not affected, but I guess you should still consider the secre= t sshd key on your otherwise affected server as burnt, as it might have bee= n in the memory too while an attacker was inspecting it via heartbleed. Bet= ter recreate the secret ssh key and all other secret keys on your server as= well. But, again, the OpenSSH protocol/software per se are not affected.=
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1397124609.974780.949873937.113568.2>