From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <overseers-return-8482-listarch-overseers=sources.redhat.com@sourceware.org>
Received: (qmail 24547 invoked by alias); 25 Oct 2005 23:07:56 -0000
Mailing-List: contact overseers-help@sourceware.org; run by ezmlm
Precedence: bulk
List-Archive: <http://sourceware.org/ml/overseers/>
List-Post: <mailto:overseers@sourceware.org>
List-Help: <mailto:overseers-help@sourceware.org>,
	<http://sourceware.org/ml/#faqs>
Sender: overseers-owner@sourceware.org
Received: (qmail 24537 invoked by uid 22791); 25 Oct 2005 23:07:54 -0000
Received: from yosemite.airs.com (HELO yosemite.airs.com) (205.217.158.180)
    by sourceware.org (qpsmtpd/0.30-dev) with SMTP; Tue, 25 Oct 2005 23:07:54 +0000
Received: (qmail 16607 invoked by uid 10); 25 Oct 2005 23:07:52 -0000
Received: (qmail 5701 invoked by uid 500); 25 Oct 2005 23:07:45 -0000
To: kenner@vlsi1.ultra.nyu.edu (Richard Kenner)
Cc: overseers@gcc.gnu.org
Subject: Re: SSH2 public key?
References: <10510252244.AA20932@vlsi1.ultra.nyu.edu>
From: Ian Lance Taylor <ian@airs.com>
Date: Tue, 25 Oct 2005 23:20:00 -0000
In-Reply-To: <10510252244.AA20932@vlsi1.ultra.nyu.edu>
Message-ID: <m31x29fb5q.fsf@gossamer.airs.com>
User-Agent: Gnus/5.09 (Gnus v5.9.0) Emacs/21.4
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
X-SW-Source: 2005-q4/txt/msg00107.txt.bz2

kenner@vlsi1.ultra.nyu.edu (Richard Kenner) writes:

>      By the way, this public key doesn't correspond to the private key you
>      just sent out to lots of people plus a web archive, right?
> 
> I don't know enough about ssh to answer that question.

Well, you sent out an SSH private key.  The question is whether you
generated a new private/public key pair, using ssh-keygen, before you
sent out the public key.  Or whether you just sent the public key you
already had.

> I do know that I had a *huge* problem getting ssh to work in all the various
> configurations I needed it to and so I'm loath to change anything
> even if I knew what to change.  Moreover, one of the system I'd have
> to change since on is inaccessable for an unknown period of time due to
> Hurricane Wilma ...

Our problem is that we now have a security hole.  Our system doesn't
have the tightest security, but we do work at it, and this is a pretty
blatant hole.  It means that anybody sufficiently knowledgeable can do
anything they want on the system.  I don't think that is acceptable.

I'm going to switch your set of authorized keys back to what they were
before.  Please generate a new SSH key pair, and send us the new
public key.  Thanks.

Ian