On 2016-08-08 14:17, Conrad Meyer wrote: > The OpenSSH defaults are intentionally sane. RSA 2048 is anticipated > to be fine for the next 10 years. It would not be a bad choice. I'm > not aware of any reason not to use EC keys, and presumably the openssh > authors wouldn't ship them as an option if they knew of any reason to > believe they were compromised. > > Best, > Conrad > > On Mon, Aug 8, 2016 at 10:56 AM, Devin Teske <dteske_at_freebsd.org> wrote: >> Which would you use? >> >> ECDSA? >> >> https://en.wikipedia.org/wiki/Elliptic_curve_cryptography <https://en.wikipedia.org/wiki/Elliptic_curve_cryptography> >> >> "" In the wake of the exposure of Dual_EC_DRBG as "an NSA undercover operation", cryptography experts have also expressed concern over the security of the NIST recommended elliptic curves,[31] <https://en.wikipedia.org/wiki/Elliptic_curve_cryptography#cite_note-31> suggesting a return to encryption based on non-elliptic-curve groups. "" >> >> Or perhaps RSA? (as des_at_ recommends) >> >> (not necessarily to Glen but anyone that wants to answer) >> -- >> Devin >> >> >>> On Aug 4, 2016, at 6:59 PM, Glen Barber <gjb_at_FreeBSD.org> wrote: >>> > This is a heads-up that OpenSSH keys are deprecated upstream by OpenSSH, > and will be deprecated effective 11.0-RELEASE (and preceeding RCs). > > Please see r303716 for details on the relevant commit, but upstream no > longer considers them secure. Please replace DSA keys with ECDSA or RSA > keys as soon as possible, otherwise there will be issues when upgrading > from 11.0-BETA4 to the subsequent 11.0 build, but most definitely the > 11.0-RELEASE build. > > Glen > On behalf of: re_at_ and secteam_at_ > As far as I know, the "advantage" to ED25519 keys, is that you can build openssh without openssl, if you forgo supporting RSA etc. -- Allan JudeReceived on Mon Aug 08 2016 - 16:21:31 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:41:07 UTC