Re: reset ssh keys, even if only a public key in fedora?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



> Hi.
>
> On Tue, 19 Aug 2008 11:32:14 -0400, Simo Sorce wrote:
>
>> DSA keys can be compromised if the server you connect to is
>> compromised. See discussions about the recent openssl debacle for
>> debian.
>
> Which kind of invalidates the whole "public key" concept, doesn't it?

:)  Yup.

> Not wanting to start a new discussion about this, but the fact that
> (some) debian-created keys were weak (and thus crackable) wasn't the
> servers fault, but the fault of the client that generated the key in
> the first place (unless I'm getting something seriously wrong).

Correct.  It was also server keys, but that wouldn't compromise your own
client key, just the security of the server's key.  To crack the
encryption, you still need wither the private key or a lot of time and PCU
cycles.  The debian issue simply reduced the number of CPU cycles.

> --
> fedora-devel-list mailing list
> fedora-devel-list@xxxxxxxxxx
> https://www.redhat.com/mailman/listinfo/fedora-devel-list
>


-- 
novus ordo absurdum

-- 
fedora-devel-list mailing list
fedora-devel-list@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-devel-list

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[Index of Archives]     [Fedora Announce]     [Fedora Kernel]     [Fedora Testing]     [Fedora Formulas]     [Fedora PHP Devel]     [Kernel Development]     [Fedora Legacy]     [Fedora Maintainers]     [Fedora Desktop]     [PAM]     [Red Hat Development]     [Gimp]     [Yosemite News]
  Powered by Linux