On 06/06/2014 12:30 PM, Hubert Kario wrote:
----- Original Message -----
From: "Florian Weimer" <[email protected]>
To: [email protected]
Sent: Friday, June 6, 2014 10:58:17 AM
Subject: Re: available crypto policies
On 06/05/2014 04:41 PM, Eric H. Christensen wrote:
Who still uses 1024-bit keys? You aren't finding a CA to sign them.
By default, sshd uses 1024 bits for the protocol 1 ephemeral server key.
Isn't version 1 completely broken and you shouldn't use it at all?
Just like SSLv2?
Yes, it's disabled by default.
--
Florian Weimer / Red Hat Product Security Team
--
security mailing list
[email protected]
https://admin.fedoraproject.org/mailman/listinfo/security
