pvaneynd: (Default)
pvaneynd ([personal profile] pvaneynd) wrote2015-10-23 06:28 am
  • Add Memory
  • Share This Entry
Entry tags:

waisting some CPU time

Given some people having rainbow tables I'm now waisting a lot of cpu time doing: 
for i in 2046 3072 4096 6144 7680 8192 ; do 
  ssh-keygen -G moduli-$i.candidates -b $i 
  ssh-keygen -T moduli-$i -f moduli-$i.candidates 
done
mv /etc/ssh/moduli /etc/ssh/moduli-normal
cat moduli-[23478]* > /etc/ssh/moduli
systemctl restart ssh.service
This should give me brand-new primes, used only by me. So even if 'bad people' spend a lot of time and money hacking the 20 odd 2048-bit primes distributed with ssh, I would be ... higher on their target list?
Flat | Top-Level Comments Only
vatine: Generated with some CL code and a hand-designed blackletter font (Default)

[personal profile] vatine 2015-10-23 07:52 am (UTC)(link)
You're generating a 6144-bit prime, then not actually using it?
pvaneynd: (Default)

[personal profile] pvaneynd 2015-10-23 11:55 am (UTC)(link)
Typo in the 'making the lines shorter for dreamwidth' stage, yes I'm using the 6144 bit primes too.

Wow, an attentive reader ;)
vatine: Generated with some CL code and a hand-designed blackletter font (Default)

[personal profile] vatine 2015-10-23 01:39 pm (UTC)(link)
Something in my subconscious said "that glob there looks weird".

Trained on multiple years of frequent code reviews, I bet.

2046?

[identity profile] trouble.is 2015-10-24 06:17 am (UTC)(link)
2046 isn't a very round number. Is that a typo for 2048?
All the other sizes are nice round numbers.
Flat | Top-Level Comments Only