Page MenuHomeVyOS Platform
Feed Advanced Search

Advanced Search
Use Results
Hide Query

Sun, Mar 30

mjones-vsat added a comment to T7217: Private SSH key reuse in the console server service.

I looked through some Debian and Ubuntu ISOs and didn't notice dropbear installed in the live image. It's likely we are mostly susceptible to this because the live image is used as a loopback mount during normal installation. Many other Debian-based systems would be debootstrapped onto the host.

Sun, Mar 30, 2:31 AM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus

Tue, Mar 18

mjones-vsat added a comment to T7217: Private SSH key reuse in the console server service.

Thanks. I'll see what I can do about reporting this upstream!

Tue, Mar 18, 7:07 PM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus

Mon, Mar 17

mjones-vsat added a comment to T7217: Private SSH key reuse in the console server service.

MITRE has assigned CVE-2025-30095.

Mon, Mar 17, 2:18 AM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus

Thu, Mar 13

mjones-vsat added a comment to T7217: Private SSH key reuse in the console server service.

Looks like it was assigned too restrictively before.

Thu, Mar 13, 11:53 PM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus
mjones-vsat updated subscribers of T7217: Private SSH key reuse in the console server service.
Thu, Mar 13, 11:52 PM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus
mjones-vsat added a comment to T7217: Private SSH key reuse in the console server service.

Hi there,

Thu, Mar 13, 11:50 PM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus

Mon, Mar 10

mjones-vsat changed the visibility for T7217: Private SSH key reuse in the console server service.
Mon, Mar 10, 9:41 PM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus

Thu, Mar 6

mjones-vsat added a comment to T7217: Private SSH key reuse in the console server service.

Is there anyone else we should tag on this ticket?

Thu, Mar 6, 1:23 AM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus

Tue, Mar 4

mjones-vsat renamed T7217: Private SSH key reuse in the console server service from test to Key reuse in VyOS Dropbear deployment.
Tue, Mar 4, 4:54 PM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus
mjones-vsat changed the visibility for T7217: Private SSH key reuse in the console server service.
Tue, Mar 4, 4:53 PM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus
mjones-vsat created T7217: Private SSH key reuse in the console server service.
Tue, Mar 4, 4:52 PM · VyOS 1.4 Sagitta (1.4.2), VyOS Rolling, VyOS 1.5 Circinus