
On Tue, 14 Nov 2023 13:46:16 +1300, Peter Reutemann quoted:
'For the first time, researchers have demonstrated that a large portion of cryptographic keys used to protect data in computer-to-server SSH traffic are vulnerable to complete compromise when naturally occurring computational errors occur while the connection is being established.'
According to this analysis <https://www.theregister.com/2023/11/14/passive_ssh_key_compromise/>, the vulnerabilities are limited to certain hardware devices:

'It's important to state here that the software libraries OpenSSL and LibreSSL, and thus OpenSSH, are not known to be vulnerable to the aforementioned key deduction method. That means, in our view, the vast majority of devices, servers, and other equipment on the internet are not at risk, and what you're left with is some Internet-of-Things and similar embedded gear susceptible to attack.'

Also, there is not enough evidence (yet) to conclude that IPsec is also vulnerable.