On 15.12.2016 20.45, David Sommerseth wrote: > If you have a shabby random number generator and no entropy gathering > configured, > those keys can be fairly poor. This goes in particular for embedded devices, > but also in > some cases also includes virtual machines (depends on if the hypervisor > provides some reasonable RNG interface the VMs can use).
Agreed, I failed to bring that up. Just goes to show that it's not really the choice between ciphers that theoretically take 1 million or 100 million years to bruteforce that is most important, as there are so many other potential missteps that can drastically reduce your actual security level. > -- > kind regards, > > David Sommerseth /Magnus ------------------------------------------------------------------------------ Check out the vibrant tech community on one of the world's most engaging tech sites, SlashDot.org! http://sdm.link/slashdot _______________________________________________ Openvpn-users mailing list Openvpn-users@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/openvpn-users
