An anonymous reader writes: It is not clear what other Linode images are affected as they sent the notice to each customer directly (and did not post this security issue on their blog):
It has come to our attention that there is an issue with the Ubuntu 15.10 image we offered from November 10th, 2015, through February 4th, 2016. Any Linodes deployed using this image within this time frame are using identical SSH server keys. If you're receiving this ticket, you have a disk image currently affected by this issue.
For those unfamiliar with these terms, consider this fuller explanation: Each Linux server running the SSH daemon should have a set of unique keys, used to generate the encryption between client and server. While this traffic is still secure against an attempt to access data by "wire sniffing," someone could use those keys to institute a "man in the middle" attack. The network rules on our infrastructure prevent such an attack from a neighboring Linode, but connections made from insecure wifi-networks or clients with compromised DNS could be vulnerable.
The steps required to resolve this issue are easy and few. First, from your Linode terminal, as root or with the sudo prefix, run:
rm -f /etc/ssh/ssh_host_*
service ssh restart