Red Hat, Fedora Servers Compromised
An anonymous reader writes "In an email sent to the fedora-announce mailing list, it has been revealed that both Fedora and Red Hat servers have been compromised. As a result Fedora is changing their package signing key. Red Hat has released a security advisory and a script to detect potentially compromised openssh packages."
In the Red Hat announcement, we can infer the passphrase and signing key were compromised, because the attacker signed invalid openssh packages.
Incorrect. The signing key used by Red Hat is inside a hardware security token.
So even though it was possible to use the token to sign packages, as soon as access to the token was removed from the intruder, he is unable to sign any more packages.
Mark Cox of the Red Hat security team explained this setup in a blog post some time ago at http://www.awe.com/mark/blog/200701300906.html.
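The exchange above has a practical consequence for anyone auditing a system: if the key lived on a hardware token and the intruder signed packages through it, those packages carry a valid signature from the legitimate key, so checking signatures alone will not find them; a list of known-bad package digests is needed, which is what a detection script like the one the story mentions has to rely on. The following is an added example, not Red Hat's script or any code from the thread: it audits a package inventory against a digest blacklist and an expected signing-key ID. The inventory format, the package contents, the digests and the key IDs are all constructed placeholders.

```python
"""Audit an installed-package inventory for (a) packages whose file digest is on a
blacklist of builds known to have been signed during an intrusion and (b) packages
signed by a key other than the one we expect (for example after a key rotation).

Added example; not the vendor's script. Every digest, key ID and package name
below is a constructed placeholder."""
import hashlib

# Placeholder ID of the legitimate signing key (constructed, not a real key ID).
EXPECTED_KEY_ID = "0000000000000001"

# Constructed "package file contents" standing in for real RPM files.
FAKE_PACKAGE_FILES = {
    "openssh-4.3p2-26.el5.x86_64": b"legitimate openssh build (constructed)",
    "openssh-4.3p2-99.el5.x86_64": b"tampered openssh build (constructed)",
    "bash-3.2-24.el5.x86_64": b"legitimate bash build (constructed)",
}


def sha256_hex(data: bytes) -> str:
    """SHA-256 of a package file's bytes, as lowercase hex."""
    return hashlib.sha256(data).hexdigest()


# Constructed blacklist: digests of builds known to have been signed by the intruder.
BLACKLIST = {sha256_hex(FAKE_PACKAGE_FILES["openssh-4.3p2-99.el5.x86_64"])}

# Constructed inventory in a simplified "nevra|signing key id|sha256" format.
# The tampered openssh build is signed by the *legitimate* key (signed through the
# token during the intrusion), so only the digest check can catch it; bash is
# signed by an unknown key, so only the key check catches it.
SAMPLE_INVENTORY = "\n".join([
    f"openssh-4.3p2-26.el5.x86_64|{EXPECTED_KEY_ID}|"
    f"{sha256_hex(FAKE_PACKAGE_FILES['openssh-4.3p2-26.el5.x86_64'])}",
    f"openssh-4.3p2-99.el5.x86_64|{EXPECTED_KEY_ID}|"
    f"{sha256_hex(FAKE_PACKAGE_FILES['openssh-4.3p2-99.el5.x86_64'])}",
    f"bash-3.2-24.el5.x86_64|FFFFFFFFFFFFFFFF|"
    f"{sha256_hex(FAKE_PACKAGE_FILES['bash-3.2-24.el5.x86_64'])}",
    "this line is malformed and must be reported, not silently skipped",
])


def parse_inventory(text: str) -> tuple[list[tuple[str, str, str]], list[str]]:
    """Split inventory text into (nevra, key_id, digest) records.

    Returns (records, malformed_lines). Key IDs and digests are normalised to
    lowercase so the comparisons below are case-insensitive."""
    records, malformed = [], []
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        parts = line.split("|")
        if len(parts) != 3 or not all(parts):
            malformed.append(line)
            continue
        nevra, key_id, digest = parts
        records.append((nevra, key_id.lower(), digest.lower()))
    return records, malformed


def audit(text: str, blacklist: set[str], expected_key_id: str) -> list[tuple[str, str]]:
    """Return (package, finding) pairs for every suspicious entry.

    A package can trigger both findings; malformed lines are reported too, since
    an auditor must know what the inventory failed to cover."""
    findings: list[tuple[str, str]] = []
    records, malformed = parse_inventory(text)
    expected = expected_key_id.lower()
    normalised_blacklist = {d.lower() for d in blacklist}
    for nevra, key_id, digest in records:
        if digest in normalised_blacklist:
            findings.append((nevra, "digest is on the known-bad list"))
        if key_id != expected:
            findings.append((nevra, f"signed by unexpected key {key_id.upper()}"))
    for line in malformed:
        findings.append((line, "malformed inventory line"))
    return findings


if __name__ == "__main__":
    for package, finding in audit(SAMPLE_INVENTORY, BLACKLIST, EXPECTED_KEY_ID):
        print(f"{package}: {finding}")
```

The important case is the second openssh entry: its signature check would pass, because the key that signed it is the real one, and only the digest blacklist flags it. Rotating to a new key, as Fedora did, turns the old key ID into a second, cheap signal for packages that were built before the rotation was pushed out.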