On Thu, 2009-03-12 at 17:24 -0600, Kevin Fenzi wrote: > Some general comments: > > - As of F10 (I think) sha256 is the default, not md5 for passwords. > Check the "2.1.3. Password Security" section for that? This is true and we should probably update our recommended encryption levels appropriately. IMHO, I think SHA256 should be what we recommend. > - How about a section on openvpn? It should be a lot easier rand more > flexable than ipsec. I'm already planning a section on OpenVPN (I use it here) because the OpenVPN documentation that I've seen/read/purchased is horrible! > - ecryptfs might be worth a mention in the encryption section. > Possibly also fuse-encfs ? This was also on the to-do list but I haven't really messed with it. Since LUKS is the Fedora standard I thought it more important to discuss it. I'm still not thrilled with the LUKS portion in the book as I'd like to include more modifying commands for LUKS if you are using a box that has it in use from the beginning. > kevin Thanks for the feedback, Kevin. Always good to see what other people think. Eric
Attachment:
signature.asc
Description: This is a digitally signed message part
-- Fedora-security-list mailing list Fedora-security-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-security-list
