Re: [python-committers] Weak SSH keys

2015-06-03 Thread Jesus Cea
On 03/06/15 16:59, Benjamin Peterson wrote:
> That's just how the SSH auth protocol works. The client offers keys
> until the server finds one acceptable. I'm not sure how the order is
> determined; it's probably arbitrary for OpenSSH.

The server will accept the first key it can find a public key

Re: [python-committers] Weak SSH keys

2015-06-03 Thread Skip Montanaro
On Wed, Jun 3, 2015 at 9:59 AM, Benjamin Peterson wrote:
> I'm not sure how the order is determined; it's probably arbitrary for OpenSSH.

Certainly you wouldn't want it to offer a key generated by a system it knows to be weaker before one generated by a known stronger system? I would hope the Ope

Re: [python-committers] Weak SSH keys

2015-06-03 Thread Benjamin Peterson
On Wed, Jun 3, 2015, at 08:31, Antoine Pitrou wrote:
> On 03/06/2015 15:27, Benjamin Peterson wrote:
> > On Wed, Jun 3, 2015, at 08:21, Antoine Pitrou wrote:
> >> On 02/06/2015 18:42, Benjamin Peterson wrote:
> >>> On Tue, Jun 2, 2015, at 12:37, Antoine Pitr

Re: [python-committers] Weak SSH keys

2015-06-03 Thread Antoine Pitrou
On 03/06/2015 15:27, Benjamin Peterson wrote:
> On Wed, Jun 3, 2015, at 08:21, Antoine Pitrou wrote:
>> On 02/06/2015 18:42, Benjamin Peterson wrote:
>>> On Tue, Jun 2, 2015, at 12:37, Antoine Pitrou wrote:
>>>> On 02/06/2015 18:28, Benjamin Peterson wrote:
>>>>> A

Re: [python-committers] Weak SSH keys

2015-06-03 Thread Benjamin Peterson
On Wed, Jun 3, 2015, at 08:21, Antoine Pitrou wrote:
> On 02/06/2015 18:42, Benjamin Peterson wrote:
> > On Tue, Jun 2, 2015, at 12:37, Antoine Pitrou wrote:
> >> On 02/06/2015 18:28, Benjamin Peterson wrote:
> >>> Also, everyone should use ed25519 keys now. :)
> >>

Re: [python-committers] Weak SSH keys

2015-06-03 Thread Antoine Pitrou
On 02/06/2015 18:42, Benjamin Peterson wrote:
> On Tue, Jun 2, 2015, at 12:37, Antoine Pitrou wrote:
>> On 02/06/2015 18:28, Benjamin Peterson wrote:
>>> Also, everyone should use ed25519 keys now. :)
>>
>> Depends if the servers you connect to have all been migrated to a recent
>>

Re: [python-committers] Weak SSH keys

2015-06-02 Thread Benjamin Peterson
On Tue, Jun 2, 2015, at 12:35, Skip Montanaro wrote:
> On Tue, Jun 2, 2015 at 11:28 AM, Benjamin Peterson wrote:
> > Also, everyone should use ed25519 keys now. :)
>
> For people like myself who are behind the curve, can someone point me
> to a primer on generating new, more secure SSH keys?

Re: [python-committers] Weak SSH keys

2015-06-02 Thread Benjamin Peterson
On Tue, Jun 2, 2015, at 12:37, Antoine Pitrou wrote:
> On 02/06/2015 18:28, Benjamin Peterson wrote:
> > Also, everyone should use ed25519 keys now. :)
>
> Depends if the servers you connect to have all been migrated to a recent
> enough OpenSSH.

SSH can use your older keys if you don't

Re: [python-committers] Weak SSH keys

2015-06-02 Thread Antoine Pitrou
On 02/06/2015 18:28, Benjamin Peterson wrote:
> Also, everyone should use ed25519 keys now. :)

Depends if the servers you connect to have all been migrated to a recent enough OpenSSH.

Regards

Antoine.

Re: [python-committers] Weak SSH keys

2015-06-02 Thread Skip Montanaro
On Tue, Jun 2, 2015 at 11:28 AM, Benjamin Peterson wrote:
> Also, everyone should use ed25519 keys now. :)

For people like myself who are behind the curve, can someone point me to a primer on generating new, more secure SSH keys?

Skip

Re: [python-committers] Weak SSH keys

2015-06-02 Thread Benjamin Peterson
On Tue, Jun 2, 2015, at 11:19, A.M. Kuchling wrote:
> Someone ran an experiment looking at the SSH keys used on GitHub
> (public keys are accessible through the API):
>
> https://blog.benjojo.co.uk/post/auditing-github-users-keys
>
> Excerpt:
>
> I remembered back to the May 2008 Debian

Re: [python-committers] Weak SSH keys

2015-06-02 Thread Skip Montanaro
On Tue, Jun 2, 2015 at 10:19 AM, A.M. Kuchling wrote:
> Should we check everyone's SSH
> keys?

Makes sense to me. Probably worth doing for all the *.python.org hosts, not just the commit boxes like hg.p.o.

Skip

[python-committers] Weak SSH keys

2015-06-02 Thread A.M. Kuchling
Someone ran an experiment looking at the SSH keys used on GitHub (public keys are accessible through the API):

https://blog.benjojo.co.uk/post/auditing-github-users-keys

Excerpt:

I remembered back to the May 2008 Debian OpenSSH bug, where the randomness source was compromised to