Re: available crypto policies

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On 06/06/2014 12:30 PM, Hubert Kario wrote:

----- Original Message -----

From: "Florian Weimer" <fweimer@xxxxxxxxxx>
To: security@xxxxxxxxxxxxxxxxxxxxxxx
Sent: Friday, June 6, 2014 10:58:17 AM
Subject: Re: available crypto policies

On 06/05/2014 04:41 PM, Eric H. Christensen wrote:


Who still uses 1024-bit keys?  You aren't finding a CA to sign them.


By default, sshd uses 1024 bits for the protocol 1 ephemeral server key.


Isn't version 1 completely broken and you shouldn't use it at all?
Just like SSLv2?


Yes, it's disabled by default.

--
Florian Weimer / Red Hat Product Security Team
--
security mailing list
security@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/security
[Index of Archives]     [Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Big List of Linux Books]     [Yosemite News]     [KDE Users]     [Coolkey]

  Powered by Linux