pvaneynd: (Default)
[personal profile] pvaneynd
Given some people having rainbow tables I'm now waisting a lot of cpu time doing:
for i in 2046 3072 4096 6144 7680 8192 ; do 
  ssh-keygen -G moduli-$i.candidates -b $i 
  ssh-keygen -T moduli-$i -f moduli-$i.candidates 
done
mv /etc/ssh/moduli /etc/ssh/moduli-normal
cat moduli-[23478]* > /etc/ssh/moduli
systemctl restart ssh.service
This should give me brand-new primes, used only by me. So even if 'bad people' spend a lot of time and money hacking the 20 odd 2048-bit primes distributed with ssh, I would be ... higher on their target list?

Date: 2015-10-23 07:52 am (UTC)
vatine: Generated with some CL code and a hand-designed blackletter font (Default)
From: [personal profile] vatine
You're generating a 6144-bit prime, then not actually using it?

Date: 2015-10-23 01:39 pm (UTC)
vatine: Generated with some CL code and a hand-designed blackletter font (Default)
From: [personal profile] vatine
Something in my subconscious said "that glob there looks weird".

Trained on multiple years of frequent code reviews, I bet.

2046?

Date: 2015-10-24 06:17 am (UTC)
From: [identity profile] trouble.is
2046 isn't a very round number. Is that a typo for 2048?
All the other sizes are nice round numbers.

Profile

pvaneynd: (Default)
pvaneynd

March 2017

S M T W T F S
   1234
567891011
12131415 161718
19202122232425
262728293031 

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Mar. 30th, 2017 02:54 am
Powered by Dreamwidth Studios