One of the nasty things about the recent OpenSSH vulnerability is that it affects non-debian systems, too.
Thankfully the script to find the bad keys was written in Perl. With a bit of back-porting, I managed to get it to work with perl 5.6.1, and thanks to the magic of Module::Install, I have made a tarball which includes the dependencies of the debian-published script and uploaded to CPAN as Dowse::BadSSH.
Unlike the published script, the updated dowkd.pl is capable of removing bad keys and checks more places on the system, such as known_hosts files and the system host key.
Portability patches more than welcomed.
Yes, I realise I probably should have based my work off the upstream sources
Also available from utsl.gen.nz
