Yesterday I posted about a vulnerability in OpenSSL that limited the entropy used to generate encryption keys. HD Moore did some research on this topic and discovered that the only variable used to generate a key on a vulnerable system was the PID of the process generating the key. The default maximum number of PIDs on a Linux system is 32,767, which means there are only 32,767 possible keys for each algorithm and key size. Yikes!
Next, HD generated all possible 1024-bit DSA and 2048-bit RSA keys for SSH and posted them online for folks to download. His cluster is presently working on generating the 4096-bit keys.
So what can be done with these keys? Someone could use them to brute-force SSH accounts that allow public key authentication with a key generated on a vulnerable system. Today an attacker would have to write their own tool to perform this attack, but HD will soon release one that does it.
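The defender's counterpart is to audit your own authorized_keys files against a blacklist of fingerprints from the weak key space. The example below is added here and is not code from this post or from HD's tools; the blacklist and the sample authorized_keys file are constructed placeholders (toy RSA moduli), where a real audit would load the published fingerprint lists for the affected key sizes.

```python
import base64
import hashlib
import struct

def ssh_string(data: bytes) -> bytes:
    return struct.pack(">I", len(data)) + data  # SSH wire format: 4-byte big-endian length prefix

def ssh_mpint(value: int) -> bytes:
    # SSH mpint: big-endian with an extra 0x00 when the top bit is set, so it stays positive.
    return ssh_string(value.to_bytes((value.bit_length() + 8) // 8, "big"))

def rsa_blob(e: int, n: int) -> bytes:
    return ssh_string(b"ssh-rsa") + ssh_mpint(e) + ssh_mpint(n)  # the blob authorized_keys base64-encodes

def fingerprint(blob: bytes) -> str:
    """OpenSSH-style fingerprint: unpadded base64 of SHA-256 over the raw blob."""
    return "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")

# Constructed stand-ins for the weak keys (toy moduli); a real audit loads the published lists here.
WEAK_FINGERPRINTS = {fingerprint(rsa_blob(65537, n)) for n in (0xC0FFEE, 0xBADCAFE)}

def parse_authorized_keys(text: str):
    """Yield (key_type, base64_blob, comment) per entry; leading options like command="..." are skipped."""
    for raw in text.splitlines():
        fields = raw.strip().split()
        if not fields or fields[0].startswith("#"):
            continue
        for i, field in enumerate(fields):
            if field.startswith(("ssh-", "ecdsa-")) and i + 1 < len(fields):
                yield field, fields[i + 1], " ".join(fields[i + 2:])
                break

def audit(text: str) -> list:
    """Return [(comment, fingerprint)] for every entry whose key is on the weak list."""
    flagged = []
    for _ktype, b64, comment in parse_authorized_keys(text):
        try:
            blob = base64.b64decode(b64, validate=True)
        except ValueError:  # binascii.Error is a ValueError; sshd would reject such a line too
            continue
        if (fp := fingerprint(blob)) in WEAK_FINGERPRINTS:
            flagged.append((comment, fp))
    return flagged

# Constructed sample authorized_keys: one weak key, one unaffected key behind an option.
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "ssh-rsa " + base64.b64encode(rsa_blob(65537, 0xC0FFEE)).decode() + " alice@vulnerable-host",
    'command="/bin/false" ssh-rsa ' + base64.b64encode(rsa_blob(65537, 0xD00D)).decode() + " bob@laptop",
])
```

Any flagged entry should be removed and the owner asked to regenerate the key on a patched system; the same fingerprint check applies to host keys in known_hosts.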
Update: The ISC did a write-up on this as well. http://isc.sans.org/diary.html?storyid=4420