Limited Keys Issue

The generation of the key pairs for SSH is dependent on the seed value (random number) provided as input at the start. A bug in the random number generation processes limited the total number of random numbers that were generated as input for creating keys in debian based systems from 2006 to 2008.

So it is possible to create a predefined set of keys based on the limited random number and guess the key of a SSH system.

A github repo has already created all possible keys with necessary scripts to look up those keys as long as the fingerprint of the public key is supplied.

GitHub - g0tmi1k/debian-ssh: Debian OpenSSL Predictable PRNG (CVE-2008-0166)GitHub

You can generate the fingerprint using the following command,

ssh-keygen -l -f known_host_pub -E md5

The command is for generating a md5 fingerprint, you may change it depending on your requirement.

Once you have the fingerprint and all the keys downloaded from the above mentioned website, you can look up the files to find the corresponding private key.

rsa/2048/**c67b14faaeb689e66717ee0417b0ec4e-26670** #this is an example

Once you have the keys, you can use the private key to login to SSH using the command mentioned in the previous page.

PreviousSSH NextSMTP

Last updated 2 years ago