Network Penetration Testing
Debian Predictable Random Number Generator Weakness
In 2008 it was found that certain Debian releases shipped a critically flawed random number generator. As a result, SSH and OpenSSL keys generated on these machines are predictable, leaving most traffic encrypted with them susceptible to decryption. Furthermore, SSH services configured with key-based authentication can be brute forced, because only a relatively small number of keys could exist. In these situations a remote attacker who can identify a username that uses key-based authentication would be able to obtain system-level access.
Debian has released the dowkd utility to check for vulnerable keys: https://wiki.debian.org/SSLkeys#Testing_keys_using_dowkd.pl
The following shows a predictable key that was identified:
Virtue Security recommends that all system packages are updated and that SSH keys are regenerated.
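To find which keys need regenerating, the sketch below audits `authorized_keys` content against a weak-key list. It is an added example, not dowkd and not code from the original page. It assumes the list holds the last 20 hex digits of each key's MD5 fingerprint. The sample keys and the list are constructed.

```python
import base64
import hashlib
import struct

KEY_TYPES = ("ssh-rsa", "ssh-dss")  # key types this audit inspects

def md5_fingerprint(blob):
    """Legacy OpenSSH-style fingerprint: MD5 of the decoded key blob, as hex."""
    return hashlib.md5(blob, usedforsecurity=False).hexdigest()

def parse_key_line(line):
    """Return (key_type, blob) from an authorized_keys or .pub line, else None."""
    tokens = line.split()
    for i, tok in enumerate(tokens[:-1]):  # options may precede the key type
        if tok not in KEY_TYPES:
            continue
        try:
            blob = base64.b64decode(tokens[i + 1], validate=True)
        except ValueError:
            return None
        # The blob begins with a length-prefixed copy of the key type.
        if len(blob) < 4 or blob[4:4 + struct.unpack(">I", blob[:4])[0]] != tok.encode():
            return None
        return tok, blob
    return None

def audit(lines, blacklist):
    """Return [(line_no, key_type, fingerprint)] for keys on the weak-key list."""
    hits = []
    for no, line in enumerate(lines, 1):
        parsed = None if line.lstrip().startswith("#") else parse_key_line(line)
        if parsed:
            fp = md5_fingerprint(parsed[1])
            if fp[-20:] in blacklist:  # assumed list format: last 20 hex digits
                hits.append((no, parsed[0], fp))
    return hits

def _constructed_line(key_type, modulus, comment):
    """Build a well-formed but meaningless public key line (constructed sample)."""
    s = lambda b: struct.pack(">I", len(b)) + b
    blob = s(key_type.encode()) + s(b"\x01\x00\x01") + s(modulus)
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"

SAMPLE = [
    "# constructed authorized_keys content",
    _constructed_line("ssh-rsa", b"\x00" + b"\xa5" * 32, "old-build-host"),
    "no-pty " + _constructed_line("ssh-rsa", b"\x00" + b"\x5a" * 32, "laptop"),
]
# Constructed stand-in for a published weak-key list (flags the first key only).
SAMPLE_BLACKLIST = {md5_fingerprint(parse_key_line(SAMPLE[1])[1])[-20:]}
```

`audit(SAMPLE, SAMPLE_BLACKLIST)` reports the key on line 2. Every key it flags should be removed from `authorized_keys` and replaced with one generated on a patched system.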