From owner-freebsd-security  Thu Aug 29 23:19:12 2002
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 2524137B400
	for <freebsd-security@FreeBSD.org>; Thu, 29 Aug 2002 23:19:09 -0700 (PDT)
Received: from grover.snew.com (grover.snew.com [206.136.66.62])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 7D9B643E4A
	for <freebsd-security@FreeBSD.org>; Thu, 29 Aug 2002 23:19:08 -0700 (PDT)
	(envelope-from chuck@snew.com)
Received: from grover.snew.com (localhost [127.0.0.1])
	by grover.snew.com (8.12.4/8.12.4) with ESMTP id g7U6J2tI032093;
	Thu, 29 Aug 2002 23:19:02 -0700 (PDT)
Received: (from chuck@localhost)
	by grover.snew.com (8.12.4/8.12.4/Submit) id g7U6IxSc032092;
	Thu, 29 Aug 2002 23:18:59 -0700 (PDT)
Date: Thu, 29 Aug 2002 23:18:59 -0700
From: Chuck Yerkes <chuck+bsd@sept2002.snew.com>
To: "Perry E. Metzger" <perry@piermont.com>
Cc: freebsd-security@FreeBSD.org, tech-security@netbsd.org,
	misc@openbsd.org
Subject: Re: 1024 bit key considered insecure (sshd)
Message-ID: <20020829231859.A31958@snew.com>
References: <20020828200748.90964.qmail@mail.com> <3D6D3953.6090005@mukappabeta.de> <20020828224330.GE249@localhost> <87k7mamc2s.fsf@snark.piermont.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.2.5i
In-Reply-To: <87k7mamc2s.fsf@snark.piermont.com>; from perry@piermont.com on Thu, Aug 29, 2002 at 02:08:27AM -0400
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-security.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-security>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-security>
X-Loop: FreeBSD.org

Quoting Perry E. Metzger (perry@piermont.com):
> Mipam <mipam@ibb.net> writes:
> > On Wed, Aug 28, 2002 at 10:57:55PM +0200, Matthias Buelow wrote:
> > > >and maybe we should update our rc scripts,
> > > >so that ssh-keygen generates at least 1280 Bit keys
...
> > I dont think its too much overrated and theoretical.
> I do. If someone with millions of dollars to spend on custom designed
> hardware wants to break into your computer, I assure you that

For just 1 million, I'll roll them a tape.  Hell, I'll mail it to them.
OTOH, we can certainly use SSH with OPIE.

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message