openssh-blacklist for Debian
----------------------------

This package contains a set of default SSH keys that were known to have
been generated during the time when the Debian OpenSSL package had a
broken Random Number Generator.

The source package contains the full fingerprint of the vulnerable keys
in blacklist.RSA-2048 and blacklist.DSA-1024. The installed package uses a
partial fingerprint for identifying the keys by stripping off the first 12
bytes of the fingerprint.

 -- Kees Cook <kees@outflux.net>  Fri, 09 May 2008 15:44:32 -0700