Re: password managers (was: Re: Watch out for Bezeq

2013-09-08 Thread Leon Romanovsky
I use KeepassX(Linux/Windows/Android) + Dropbox (to sync KDB file).


On Tue, Sep 3, 2013 at 4:12 PM, Amos Shapira amos.shap...@gmail.com wrote:
 I use lastpass for all of them (Linux desktop, OSX laptop, Android phone).
 Worth the $12/year.


 On 3 September 2013 04:43, Michael Shiloh michaelshiloh1...@gmail.com
 wrote:

 It's also important to consider smart phone access. I use password gorilla
 on my ubuntu laptops, passwdsafe on my android, and I sync the common
 database via ubuntu one.

 On 09/02/2013 04:49 AM, ronys wrote:

 <plug>
 PasswordSafe http://pwsafe.org, while mainly developed for Windows,
 has usable builds
 https://sourceforge.net/projects/passwordsafe/files/Linux-BETA/0.91/
 for deb & rpm distros. Artistic License 2.0
 http://www.opensource.org/licenses/artistic-license-2.0.php.
 </plug>
 <disclaimer>I'm the admin/lead developer of PasswordSafe</disclaimer>


 On Mon, Sep 2, 2013 at 2:10 PM, Rabin Yasharzadehe ra...@rabin.io
 wrote:


 On Mon, Sep 2, 2013 at 1:21 PM, Dotan Cohen dotanco...@gmail.com
 wrote:

 Go sign up for Lastpass, my entire office is now using it. It lets you
 set up individual passwords for every site, and they are encrypted
 locally.


 And remotely (on their servers)

 P.S,

 You can use it with Firefox on your mobile device (as firefox addon),
 just a note, that if you set the Password Iterations too high (5000 by
 their recommendation)
 it will increase Firefox loading time significantly


 --
 *Rabin*

 ___
 Linux-il mailing list
 Linux-il@cs.huji.ac.il
 http://mailman.cs.huji.ac.il/mailman/listinfo/linux-il






 --
 Michael Shiloh
 teachmetomake.com/wordpress
 KA6RCQ

 Educational Materials coordinator at Arduino.cc
 Electronics, Robotics, Digital Fabrication, and Arduino educator
 California College of the Arts
 San Francisco Art Institute
 San Francisco State University


-- 
Leon Romanovsky | Independent Linux Consultant
www.leon.nu | l...@leon.nu



Re: Winter clock issues in linux

2013-09-08 Thread geoffrey mendelson

On 9/8/2013 12:21 AM, E.S. Rosenberg wrote:

What puzzles me in this whole thing is that it seems to me tzdata
updates should be available to all versions regardless of their
production state, but it seems a lot of distros are locked to
specific versions

Can anyone point me to a correct Asia/Jerusalem file without having to 
install a package? I have two old systems I want to fix, without any 
other mods?


TIA.
Geoff

Geoff.

--
Geoffrey S. Mendelson 4X1GM/N3OWJ
Jerusalem Israel.




Re: Winter clock issues in linux

2013-09-08 Thread Rabin Yasharzadehe
Download the current tzdata file from IANA and compile the file yourself

e.g -
http://www.borngeek.com/2009/03/16/updating-time-zone-information-in-linux/



-- 
*Rabin*


[hopefully on topic] is SSH secure in default configuration?

2013-09-08 Thread Oleg Goldshmidt

Hi,

I am not hopeful to secure much of anything against the likes of NSA or
GCHQ. However, my curiosity woke up when the latest
NYT/Guardian/ProPublica pieces about NSA/GCHQ/friends compromising much
of Internet encryption were accompanied by graphics like

http://www.nytimes.com/interactive/2013/09/05/us/unlocking-private-communications.html

Now, NYT is hardly a technical authority, but I assume they have
technically competent sources and advisers. The above page lists Cisco,
Microsoft (I wonder if they were the ones who outed Skype - chuckle),
and EFF as sources.

I shrug at HTTPS/SSL/TLS/VPN/Skype,IM - nothing surprises there. The
only part that is somewhat surprising (and particularly relevant to
Linux-IL) is SSH. Why is SSH (on Linux) included and is the inclusion
justified?

A glance at man 5 ssh_config (or man 5 sshd_config) reveals the
Ciphers section and the default preference list for v2 ciphers, with
AES-128 in the leading position. Can any security/cryptography guru here
(Or? Aviram? Noam? anyone?) confirm or deny that AES-128 may be suspect?
AES-256 still seems to be regarded as NSA-safe (but not RC4?
http://www.theregister.co.uk/2013/09/06/nsa_cryptobreaking_bullrun_analysis/).
Is it prudent to reconfigure ssh/sshd to prefer AES-256? Can anyone comment
on performance impact of using AES-256 vs. AES-128 for the usual
scenarios?

I am not sure I quite understand the implications of AES-128 and AES-256
both being NSA-approved as Type-1/Suite-B algos. I'd hope that NSA
assume that anything they can break others can break, too, so Type 1
product being defined as "endorsed by the NSA for securing classified
and sensitive U.S. Government information, when appropriately keyed"
hopefully means NSA cannot break it. However, there is also
Type-1/Suite-A... Suite A being seemingly regarded as even more secure
than Suite B (is it?) goes against the common cryptographic wisdom that
says disclosed algos deserve more trust. Is it an indication that (at
least) AES-128 may be somewhat vulnerable? Or is it only because AES was
not historically NSA-sourced that it is in Suite B and not in Suite A?

http://en.wikipedia.org/wiki/Type_1_product
http://en.wikipedia.org/wiki/NSA_Suite_B_Cryptography
http://en.wikipedia.org/wiki/NSA_Suite_A_Cryptography

Back to NYT graphics: Another, more mundane possibility is that NSA's
partial success against SSH (and/or OpenSSH implementation) means that
SSHv1 and DES (and maybe the default triple-DES???) are vulnerable. That
would not be a big surprise (at least the DES part).
 
I am not changing the default SSHv2 Ciphers configuration unless someone
I trust says AES-128 is suspect. And maybe not even then... But
curiosity is killing this cat...

-- 
Oleg Goldshmidt | p...@goldshmidt.org



Re: password managers (was: Re: Watch out for Bezeq

2013-09-08 Thread Amos Shapira
That's what I used too, until I got sick of files getting out of sync on
various devices, having to keep track of what needs to be sync'ed where and
copy usernames and passwords manually. All of this was gone when I switched
to LastPass.


On 8 September 2013 16:55, Leon Romanovsky l...@leon.nu wrote:

 I use KeepassX(Linux/Windows/Android) + Dropbox (to sync KDB file).


-- 
http://www.linkedin.com/in/gliderflyer


Re: [hopefully on topic] is SSH secure in default configuration?

2013-09-08 Thread E.S. Rosenberg
Without going into the cryptography side of things I can say that SSH
in its default configuration (client/server) has various weaknesses.
1. Root is generally default on
2. Default auth mechanism is passwords
3. Most importantly SSH clients by default are set to allow fail-over
to SSHv1 so even if the server is set to only accept SSHv2 it is
possible to MITM with a machine that forces the client to SSHv1 while
talking to the server in SSHv2.
4. Servers aren't always set to accept SSHv2 only either

Other than that if you don't take steps to prevent brute-force attacks
you will obviously be brute-forced eventually...

Regards,
Eliyahu - אליהו



Re: [hopefully on topic] is SSH secure in default configuration?

2013-09-08 Thread Aviram Jenik
I'm only taking a wild guess here. To be clear, I have no inside knowledge
and my guess is probably as good as anyone else's. But if I had to bet this
is where I would put my money.

Either:

1. They have a 0-day against SSH (e.g. if you have ssh running they can
login to your box)
2. They are aware of a weakness in the openssh implementation, unrelated to
the encryption itself

Pressed against the wall, I would go for option 1. But I wouldn't rule out
option 2. I *would* bet against them being able to break the encryption
itself.

Why? Because obviously, it's much easier to break the implementation than
the encryption. I find it hard to believe the NSA can easily break AES or
3DES, and I find it easy to believe they found a flaw or weakness in the
implementation. It's that simple.
The question "is encryption ABC safe" is nowadays a purely academic
question and only academics care about them (no offense Oleg).

A quick note on Eliyahu's list:

1. I don't think allowing root login is a huge issue
2. Likewise with password authentication
3. We rarely see SSHv1 being allowed in modern systems - I don't believe
that's been the default for a while now
4. Likewise, I think having SSHv2 only is the default for years (but I
could be wrong, of course)





Re: [hopefully on topic] is SSH secure in default configuration?

2013-09-08 Thread E.S. Rosenberg
2013/9/8 Aviram Jenik avi...@jenik.com:
 I'm only taking a wild guess here. To be clear, I have no inside knowledge
 and my guess is probably as good as anyone else's. But if I had to bet this
 is where I would put my money.

 Either:

 1. They have a 0-day against SSH (e.g. if you have ssh running they can
 login to your box)
 2. They are aware of a weakness in the openssh implementation, unrelated to
 the encryption itself

 Pressed against the wall, I would go for option 1. But I wouldn't rule out
 option 2. I *would* bet against them being able to break the encryption
 itself.

 Why? Because obviously, it's much easier to break the implementation than
 the encryption. I find it hard to believe the NSA can easily break AES or
 3DES, and I find it easy to believe they found a flaw or weakness in the
 implementation. It's that simple.
 The question "is encryption ABC safe" is nowadays a purely academic question
 and only academics care about them (no offense Oleg).

 A quick note on Eliyahu's list:

 1. I don't think allowing root login is a huge issue
 2. Likewise with password authentication
 3. We rarely see SSHv1 being allowed in modern systems - I don't believe
 that's been the default for a while now

I was talking about *clients* almost all clients are still default 2
try 1 even on modern linux systems.
A quick look on my laptop shows that the default on Ubuntu 13.04
thankfully is 2 only, but I know that when I looked at it more than a
year ago it was not the default.
Putty and winscp last time I used them still defaulted to 2+1 unless
you consciously set them to 2 only.

I don't have old systems to check on anymore, but on CentOS 5 which
is still a very widely used production system iirc the default for the
client was 2+1, the server was 2 only.

Regards,
Eliyahu - אליהו

 4. Likewise, I think having SSHv2 only is the default for years (but I could
 be wrong, of course)




Re: [hopefully on topic] is SSH secure in default configuration?

2013-09-08 Thread ronys
The algorithm itself is the least of your worries. In modern cryptography,
key management is the preferred target. With regards to ssh, this means the
key negotiation phase of the protocol handshake. Using your own keys of
reasonable size, and managing them properly, is your best bet for
reasonable security, along with configuring sshd not to fall back to SSHv1,
as Eliyahu wrote.

For a wider perspective of the latest NSA revelations, I recommend this
article by Bruce Schneier:
http://www.theguardian.com/world/2013/sep/05/nsa-how-to-remain-secure-surveillance

Rony


-- 
Ubi dubium, ibi libertas (where there is doubt, there is freedom)
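
Added example, not part of any message in this thread: a small auditor for the settings debated above (SSHv1 fallback via `Protocol`, root login, password authentication, RC4/DES cipher names). It pins nothing about version defaults, which the posters disagree on, and reports an unset keyword as such. The function names and both sample files are constructed for illustration; `Protocol` is the keyword as it exists in the OpenSSH releases of this period.

```python
"""Audit ssh_config / sshd_config text for the settings debated in this thread."""
import re

LINE = re.compile(r"([A-Za-z0-9]+)\s*=?\s*(.*)")
DOUBTED = ("arcfour", "des")  # RC4 and DES/3DES cipher names, the ones the thread doubts

# Constructed sample files (not taken from any real host).
SERVER_SAMPLE = """\
# sshd_config
Protocol=2,1
PermitRootLogin yes
#PasswordAuthentication no
Ciphers aes128-ctr,arcfour256,aes256-ctr
Protocol 2
"""
CLIENT_SAMPLE = """\
# ssh_config
Host legacy-switch
    Protocol 2,1
    Ciphers 3des-cbc

Host *
    Protocol 2
    Ciphers aes256-ctr,aes128-ctr
"""


def directives(text):
    """Yield (scope, keyword, value); scope is 'global' or the Host/Match line."""
    scope = "global"
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        m = LINE.match(line)
        if not m:
            continue
        key, value = m.group(1).lower(), m.group(2).strip().strip('"')
        if key in ("host", "match"):
            # 'Host *' and 'Match all' apply to every connection.
            scope = "global" if value in ("*", "all") else f"{key} {value}"
            continue
        yield scope, key, value


def effective(text):
    """Settings that apply to every host; the first value obtained wins."""
    out = {}
    for scope, key, value in directives(text):
        if scope == "global":
            out.setdefault(key, value)
    return out


def allows_v1(value):
    return "1" in [p.strip() for p in value.split(",")]


def audit(text, role):
    """role is 'client' (ssh_config) or 'server' (sshd_config)."""
    eff, findings = effective(text), []
    proto = eff.get("protocol")
    if proto is None:
        findings.append("protocol: not set, the build's default decides")
    elif allows_v1(proto):
        findings.append(f"protocol: '{proto}' permits SSHv1")
    # A per-host block can re-enable SSHv1 even when 'Host *' says 2 only.
    for scope, key, value in directives(text):
        if scope != "global" and key == "protocol" and allows_v1(value):
            findings.append(f"protocol: '{value}' permits SSHv1 under '{scope}'")
    if role == "server":
        for key in ("permitrootlogin", "passwordauthentication"):
            got = eff.get(key)
            if got is None:
                findings.append(f"{key}: not set, the build's default decides")
            elif got.lower() == "yes":
                findings.append(f"{key}: yes")
    weak = [c for c in eff.get("ciphers", "").split(",")
            if any(d in c for d in DOUBTED)]
    if weak:
        findings.append("ciphers: offers " + ",".join(weak))
    return findings


if __name__ == "__main__":
    for name, text, role in (("sshd_config", SERVER_SAMPLE, "server"),
                             ("ssh_config", CLIENT_SAMPLE, "client")):
        for finding in audit(text, role):
            print(f"{name}: {finding}")
```

In the server sample the later `Protocol 2` line has no effect, because the earlier `Protocol=2,1` was obtained first.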


Re: [hopefully on topic] is SSH secure in default configuration?

2013-09-08 Thread Oleg Goldshmidt
Aviram Jenik avi...@jenik.com writes:

 The question is encryption ABC safe is nowadays a purely academic
 question and only academics care about them (no offense Oleg).

None taken[*]. I re-read my post and I see now that I didn't emphasize
that I meant OpenSSH implementation of AES when I wrote AES. All my
wondering is about SSH on Linux, not about maths, but I realize now that
I did not make it clear, apart from the subject line. ;-) [I did say the
question was strictly curiosity-driven.]

Having said that, safety is defined/interpreted in terms of cost and
time required from an adversary. I have no idea how many Hubble times
one would need to break either AES-128 or AES-256 given the aggregate
resources of Top500 (or NSA) or custom HW, or how many orders of
magnitude can be shaved off by clever use of additional
information[*]. But I would not completely discount the rate at which
the safety margin of a fixed (in terms of number of rounds, etc.)
implementation is shrinking.

To emphasize again, I expect NSA, if they suddenly develop an interest
in one of my machines, to break in exploiting an unpatched bug somewhere
rather than breaking AES, of course.

[*] I hope no member of Linux-IL who has authored academic papers on
attacks on AES that experts dubbed almost practical will be
offended, either. ;-)

https://www.schneier.com/blog/archives/2009/07/another_new_aes.html

http://www.wisdom.weizmann.ac.il/~tromer/papers/cache.pdf


-- 
Oleg Goldshmidt | p...@goldshmidt.org



Re: Winter clock issues in linux

2013-09-08 Thread Tzafrir Cohen
On Sun, Sep 08, 2013 at 11:56:00AM +0300, geoffrey mendelson wrote:

 Can anyone point me to a correct Asia/Jerusalem file without having
 to install a package? I have two old systems I want to fix, without
 any other mods?

Download the deb and extract (ar+tar or with your file manager)
usr/share/zoneinfo/Asia/Jerusalem .

-- 
Tzafrir Cohen | tzaf...@jabber.org | VIM is
http://tzafrir.org.il || a Mutt's
tzaf...@cohens.org.il ||  best
tzaf...@debian.org|| friend
