Important Hetzner Online Customer Information: Server Security Notice

An SSH server uses host keys to uniquely identify itself to connecting
clients. These keys are normally automatically regenerated each time a
new installation of the operating system is done.

Due to an error in the installation software introduced on April 10th,
2015, the Ed25519 SSH host keys (/etc/ssh/ssh_host_ed25519_key) on our
standard images were no longer individually regenerated.

This resulted in identical Ed25519 SSH host keys for each affected OS
image.

An attacker could use this situation to compromise or eavesdrop on the
SSH communication between the client and the server using a
man-in-the-middle attack.

However, due to the security of our network setup, such an attack within
our network is highly unlikely as each server can only directly
communicate with the corresponding router.

Nevertheless, we would like to urge you to replace the Ed25519 SSH host
key of your server as soon as possible. The other host keys (RSA, DSA,
ECDSA) are not affected and are unique.

Instructions and information on how to replace the host key can be
found in our wiki under wiki.hetzner.de/index.php/Ed25519/en

At this point we would like to thank our customer Arendsen Thomas Hein,
Intevation GmbH. He alerted us to this problem yesterday afternoon. The
error was promptly corrected, and installations after December 29th,
4 pm are no longer affected.

For any queries please do not hesitate to contact us. In this case
please send a support request to ed25519@hetzner.de.

Thank you for your understanding.

Kind regards

Hetzner Online GmbH
Industriestr. 25
91710 Gunzenhausen / Germany
Tel: +49 9831 505-0
Fax: +49 9831 505-3
info@hetzner.com
www.hetzner.com
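
An added example, not part of Hetzner's notice or wiki: because the affected images shared one Ed25519 host key, an administrator of several servers can look for the problem by grouping `ssh-keyscan -t ed25519` output by key. The hostnames and key blobs below are constructed sample data, not real keys.

```python
import base64
import hashlib
import struct
from collections import defaultdict


def fingerprint(blob_b64):
    """OpenSSH-style SHA256 fingerprint of a base64 public-key blob."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + base64.b64encode(digest).decode().rstrip("=")


def shared_ed25519_keys(scan_lines):
    """Return {fingerprint: [hosts]} for Ed25519 host keys seen on 2+ hosts."""
    hosts_by_key = defaultdict(set)
    for line in scan_lines:
        fields = line.split()
        if len(fields) < 3 or fields[0].startswith("#"):
            continue  # blank lines and ssh-keyscan banner comments
        if fields[1] != "ssh-ed25519":
            continue  # the notice says RSA, DSA and ECDSA keys are unaffected
        try:
            fp = fingerprint(fields[2])
        except ValueError:
            continue  # not valid base64, skip the malformed line
        hosts_by_key[fp].add(fields[0])
    return {fp: sorted(h) for fp, h in hosts_by_key.items() if len(h) > 1}


def _sample_line(host, seed):
    # Constructed data: a syntactically valid ssh-ed25519 blob, not a real key.
    blob = (struct.pack(">I", 11) + b"ssh-ed25519"
            + struct.pack(">I", 32) + bytes([seed]) * 32)
    return f"{host} ssh-ed25519 {base64.b64encode(blob).decode()}"


# Constructed scan: srv1 and srv2 share a key, srv3 has its own.
SAMPLE_SCAN = [
    "# srv1.example.net:22 SSH-2.0-OpenSSH",
    _sample_line("srv1.example.net", 1),
    _sample_line("srv2.example.net", 1),
    _sample_line("srv3.example.net", 2),
    "srv1.example.net ssh-rsa AAAA",
]

if __name__ == "__main__":
    for fp, hosts in shared_ed25519_keys(SAMPLE_SCAN).items():
        print(f"{fp} is shared by: {', '.join(hosts)}")
```

Any host reported here should have its Ed25519 host key replaced, after which clients need the old entry removed from their `known_hosts`.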
