Re: Legacy option for key length?

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

 



Gert Doering wrote:
> On Mon, Jan 01, 2018 at 07:52:26AM -0800, Peter Moody wrote:
>> I would prefer that:
>>
>>  * commercial vendors patched the software they sold
>>  * people who purchased from these vendors to take responsibility for
>> their actions and apply pressure on the commercial vendors rather than
>> the free software developers who provide the client software, for
>> free.
> 
> You *are* aware what people are talking about?  Like, management cards
> for UPSes and such, where the important part is "will that UPS provide
> reliable power for a reasonable price", a secondary question is "can I
> monitor that thing in a reasonable way?", and a very very very minor
> influencing factor is "will the management card do SNMPv3, or SSH with o
> 2048 bit RSA key size"?

And another important question is:
How high is the risk that this unmaintained device is added to
yet-another-bot-net in the Internet-of-shitty-devices or is used to
enter parts of your network.

If you run such devices you have to do your homework. Part of this is to
setup secured admin gateways where you can run whatever customized SSH
client you need to accomodate this moldy devices. It might turn out that
it's cheaper to buy new devices though.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

[Index of Archives]     [Linux ARM Kernel]     [Linux ARM]     [Linux Omap]     [Fedora ARM]     [IETF Annouce]     [Security]     [Bugtraq]     [Linux]     [Linux OMAP]     [Linux MIPS]     [ECOS]     [Asterisk Internet PBX]     [Linux API]

  Powered by Linux