Someone ran an experiment looking at the SSH keys used on GitHub
(public keys are accessible through the API):
https://blog.benjojo.co.uk/post/auditing-github-users-keys
Excerpt:
I remembered back to the May 2008 Debian OpenSSH bug, where
the randomness source was compromised to
On Tue, Jun 2, 2015 at 10:19 AM, A.M. Kuchling wrote:
> Should we check everyone's SSH
> keys?
>
Makes sense to me. Probably worth doing for all the *.python.org hosts, not
just the commit boxes like hg.p.o.
Skip
___
python-committers mailing list
pyt
On Tue, Jun 2, 2015, at 11:19, A.M. Kuchling wrote:
> Someone ran an experiment looking at the SSH keys used on GitHub
> (public keys are accessible through the API):
>
> https://blog.benjojo.co.uk/post/auditing-github-users-keys
>
> Excerpt:
>
> I remembered back to the May 2008 Debian
On Tue, Jun 2, 2015 at 11:28 AM, Benjamin Peterson wrote:
> Also, everyone should use ed25519 keys now. :)
For people like myself who are behind the curve, can someone point me
to a primer on generating new, more secure SSH keys?
Skip
___
python-commit
Le 02/06/2015 18:28, Benjamin Peterson a écrit :
>
> Also, everyone should use ed25519 keys now. :)
Depends if the servers you connect to have all been migrated to a recent
enough OpenSSH.
Regards
Antoine.
___
python-committers mailing list
python-com
On Tue, Jun 2, 2015, at 12:37, Antoine Pitrou wrote:
> Le 02/06/2015 18:28, Benjamin Peterson a écrit :
> >
> > Also, everyone should use ed25519 keys now. :)
>
> Depends if the servers you connect to have all been migrated to a recent
> enough OpenSSH.
SSH can use your older keys if you don't
On Tue, Jun 2, 2015, at 12:35, Skip Montanaro wrote:
> On Tue, Jun 2, 2015 at 11:28 AM, Benjamin Peterson
> wrote:
> > Also, everyone should use ed25519 keys now. :)
>
> For people like myself who are behind the curve, can someone point me
> to a primer on generating new, more secure SSH keys?
