On 2016-08-08 14:17, Conrad Meyer wrote:
> The OpenSSH defaults are intentionally sane. RSA 2048 is anticipated
> to be fine for the next 10 years. It would not be a bad choice. I'm
> not aware of any reason not to use EC keys, and presumably the openssh
> authors wouldn't ship them as an option if they knew of any reason to
> believe they were compromised.
> On Mon, Aug 8, 2016 at 10:56 AM, Devin Teske <dte...@freebsd.org> wrote:
>> Which would you use?
>> "" In the wake of the exposure of Dual_EC_DRBG as "an NSA undercover
>> operation", cryptography experts have also expressed concern over the
>> security of the NIST recommended elliptic curves,
>> suggesting a return to encryption based on non-elliptic-curve groups. ""
>> Or perhaps RSA? (as des@ recommends)
>> (not necessarily to Glen but anyone that wants to answer)
>>> On Aug 4, 2016, at 6:59 PM, Glen Barber <g...@freebsd.org> wrote:
> This is a heads-up that OpenSSH keys are deprecated upstream by OpenSSH,
> and will be deprecated effective 11.0-RELEASE (and preceeding RCs).
> Please see r303716 for details on the relevant commit, but upstream no
> longer considers them secure. Please replace DSA keys with ECDSA or RSA
> keys as soon as possible, otherwise there will be issues when upgrading
> from 11.0-BETA4 to the subsequent 11.0 build, but most definitely the
> 11.0-RELEASE build.
> On behalf of: re@ and secteam@
As far as I know, the "advantage" to ED25519 keys, is that you can build
openssh without openssl, if you forgo supporting RSA etc.
email@example.com mailing list
To unsubscribe, send any mail to "freebsd-current-unsubscr...@freebsd.org"