pvaneynd: (Default)
[personal profile] pvaneynd
Given some people having rainbow tables I'm now waisting a lot of cpu time doing:
for i in 2046 3072 4096 6144 7680 8192 ; do 
  ssh-keygen -G moduli-$i.candidates -b $i 
  ssh-keygen -T moduli-$i -f moduli-$i.candidates 
done
mv /etc/ssh/moduli /etc/ssh/moduli-normal
cat moduli-[23478]* > /etc/ssh/moduli
systemctl restart ssh.service
This should give me brand-new primes, used only by me. So even if 'bad people' spend a lot of time and money hacking the 20 odd 2048-bit primes distributed with ssh, I would be ... higher on their target list?
From:
Anonymous( )Anonymous This account has disabled anonymous posting.
OpenID( )OpenID You can comment on this post while signed in with an account from many other sites, once you have confirmed your email address. Sign in using OpenID.
User
Account name:
Password:
If you don't have an account you can create one now.
Subject:
HTML doesn't work in the subject.

Message:

 
Notice: This account is set to log the IP addresses of everyone who comments.
Links will be displayed as unclickable URLs to help prevent spam.

Profile

pvaneynd: (Default)
pvaneynd

March 2017

S M T W T F S
   1234
567891011
12131415 161718
19202122232425
262728293031 

Most Popular Tags

Style Credit

Expand Cut Tags

No cut tags
Page generated Mar. 25th, 2017 03:53 am
Powered by Dreamwidth Studios