Yesterday, 13 May 2008, was a really bad day for the Debian project, probably one of the worst days in the history of Debian. Luciano Bello discovered that the random number generator in Debian’s openssl package is predictable. This is caused by an incorrect Debian-specific change to the openssl package (CVE-2008-0166). As a result, cryptographic key material may be guessable.

Systems which are running any of the following releases are affected :

• Debian 4.0 (etch):
  http://www.debian.org/security/2008/dsa-1571
• Ubuntu 7.04 (Feisty), 7.10 (Gutsy), 8.04 LTS (Hardy):
  http://www.ubuntu.com/usn/usn-612-1
• and other debian etch based distros.

Read the rest of this entry »

This document describes how to install and use sshfs, a FUSE based filesystem that uses SSH to mount remote folders. Since it is based on FUSE (userspace filesystem framework for Linux) your kernel will need to have the fuse module available. FUSE is included in kernel newer than 2.6.14, so I will assume that you will have it already included in your kernel.

Read the rest of this entry »