This weakness is specific to Ubuntu and Debian systems only, you can scan systems
looking for weak keys, Debian has distributed a black list for rsa2 and dsa2 keys.
I generated a rsa1 key blacklist for some legacy systems who are still using SSH V1.

[[http://vapid.dhs.org/rsa1-1024-fingerprints.gz|rsa1-1024 fingerprints]]


[[http://vapid.dhs.org/rsa1-2048-fingerprints.gz|rsa1-2048 fingerprints]]

Credit:

[[http://www.metasploit.com/users/hdm/tools/debian-openssl| H D Moore at metasploit.com]]