[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: reset ssh keys, even if only a public key in fedora?



> Hi.
>
> On Tue, 19 Aug 2008 11:32:14 -0400, Simo Sorce wrote:
>
>> DSA keys can be compromised if the server you connect to is
>> compromised. See discussions about the recent openssl debacle for
>> debian.
>
> Which kind of invalidates the whole "public key" concept, doesn't it?

:)  Yup.

> Not wanting to start a new discussion about this, but the fact that
> (some) debian-created keys were weak (and thus crackable) wasn't the
> servers fault, but the fault of the client that generated the key in
> the first place (unless I'm getting something seriously wrong).

Correct.  It was also server keys, but that wouldn't compromise your own
client key, just the security of the server's key.  To crack the
encryption, you still need wither the private key or a lot of time and PCU
cycles.  The debian issue simply reduced the number of CPU cycles.

> --
> fedora-devel-list mailing list
> fedora-devel-list redhat com
> https://www.redhat.com/mailman/listinfo/fedora-devel-list
>


-- 
novus ordo absurdum


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]