{QUOTE-> U.S.-CERT is warning of attacks targeting Linux-based infrastructures using compromised SSH keys. After access is gained to the system, local kernel exploits are used to gain root access. A rootkit is then installed to steal more SSH keys. The attack could be related to a flaw affecting Debian-based encryption keys discovered earlier this year. <-QUOTE}Story (http://www.eweek.com/c/a/Security/Attackers-Targeting-Linux-Infrastructures-With-Rootkit-to-Steal-SSH-Keys/)