Hi,

as most are probably aware debian had a little "Oops" concerning
openssl 
(http://wiki.debian.org/SSLkeys#head-49a0007d742a0fcc4742d630456fecc08016fbb8).
unfortunately there is no mention of Bacula in their wiki so far.

Does anyone know if
- one should bother redoing the Bacula SD/DIR/FD/Console pass strings?
(they're done using openssl, and so far i thought they look quite
random
- someone already made scripts for regenerating the SSL/TLS keys for
people that use this for bacula
- people who used SD encryption might want to migrate / re-encrypt as
this might (i dont know!) be more susceptible for the weakness

Reading the "backupbox" sections advice
"start from scratch, destroying all trace of the backed up data, and
take other measures to mitigate the exposure of your secrets" I feel
there might be reason to worry.

I havent found another post regarding this in -users and I hope
someone can state on this, probably we should even supply the info to
the debian folks if we come up with something.

all best wishes,
Florian
(i'll go back to updating/redoing certs now, and can't wait till
FreeBSD xen PAE support is stable enough again to migrate back from
this nightmare)


-- 
'Sie brauchen sich um Ihre Zukunft keine Gedanken zu machen'

-------------------------------------------------------------------------
This SF.net email is sponsored by: Microsoft 
Defy all challenges. Microsoft(R) Visual Studio 2008. 
http://clk.atdmt.com/MRT/go/vse0120000070mrt/direct/01/
_______________________________________________
Bacula-users mailing list
Bacula-users AT lists.sourceforge DOT net
https://lists.sourceforge.net/lists/listinfo/bacula-users