I updated openssl as soon as it was available and then ran ssh-keygen to replace
/root/.ssh/id_rsa and /root/.ssh/id_rsa.pub. But that was before an ssh update was available.
Was key creation fixed at this point, or are my new keys still potentially vulnerable? They
are not flagged by the now-available ssh-vulnkey, but that won't necessarily catch everything.
I also regenerated some SSL certificates, but since that is actually using the openssl
command-line interface it would obviously have been fixed by that point.
In any event, I need to figure out if I have to back and redo personal keys again.
Additionally, the new ssh packages don't give me an option to regenerate host keys, as the
email seemed allude to. I had to do that by hand.