Re: blacklisting the bad ssh keys?

2008-05-23 Thread Abe Singer
Ahh the irony, apparently Debian has implement just such a feature, but as patch to ssh within their distro:[EMAIL PROTECTED]/msg214853.html On Thu, May 22, 2008 at 11:19:05AM -0700, Abe Singer wrote: On Wed, May 14, 2008 at 07:52:58PM -0400, Steven M

Re: blacklisting the bad ssh keys?

2008-05-22 Thread Abe Singer
On Wed, May 14, 2008 at 07:52:58PM -0400, Steven M. Bellovin wrote: Given the published list of bad ssh keys due to the Debian mistake (see, should sshd be updated to contain a blacklist of those keys? I suspect that a Bloom filter

Re: Private Key Generation from Passwords/phrases

2007-01-30 Thread Abe Singer
On Sun, Jan 28, 2007 at 11:52:16AM -0500, Steven M. Bellovin wrote: Is that all in one /etc/passwd file (or the NIS equivalent)? Or is it a Kerberos KDC? I note that a salt buys the defense much less in a For SDSC, one file. For UCSD, not sure, but I suspect it's (now) a KDC. (Brian, are

Re: Interesting bit of a quote

2006-07-12 Thread Abe Singer
On Tue, Jul 11, 2006 at 05:50:06PM -0700, David Wagner wrote: No, it doesn't. I think you've got it backwards. That's not what SB1386 says. SB1386 says that if a company conducts business in Caliornia and has a system that includes personal information stored in unencrypted from and if