Friday, May 30, 2008

How to check SSH and SSL Certificates for the debian flaw

I had quite a few questions from people how to check their SSH- and SSL-certificate for the recent debian-flaw. As i had to check a few hundred customer-sites too, i did a little webinterface for checking SSHCerts and SSLCerts for the PRNG-Bug.

See them at work at and

No magic behind - just debians ssh-vulnkey and a php-rippoff from the chksslkey-shellscript written by Michael Holzt. Maybe this will help the average rootserver-admin checking their sites.

Both scripts use standard-sets for verifying the keys, checking only standard-dsa/rsa-keys for ssh and 1024/2048-bit-keys on the ssl-check. Drop me a line to if you really need to check for any different keysizes.




mary said...

please, I need urgent help.

does any body knows what is the polynomial used to compute crc 16 in this tool ?

thomas said...

Please, if you need urgent help, why don't you just write to the contact adress written on this website?

It's monitored by a human being. Me. The creator of this site.

I won't hurt anybody asking questions. Most of Serversniff's CRCs are generated by jonelo's tool "jacksum" - and the CRC 16 is

x^16 + x^15 + x^2 + 1

This is the most common stuff used e.g. in LHA and ARC.

There is a another common CRC16 used in X.25, defined in RFC1331. If you want Serversniff to compute this CRC16 as well, you might drop me a line.

If your are really geeky about CRC you might want to ask your favourite search-engine: there are quite a few other sites out there in netland that offer CRC-Checksums out of totally configurable polynoms.


ssl encryption said...

I just want to say thanks a lot for the help and information that this website gives to people like me. It's much appreciated and it's great to think that if I have any other problems that I could contact you for further help, that's really great. Good luck with everything you do.

voyance gratuite en ligne par mail said...

Thank you for this nice post ... and smiling (for no obvious subject)!