On 10/06/2017 12:57 AM, Ulrich Sibiller wrote:
On Fri, Oct 6, 2017 at 3:12 AM, Mihai Moldovan <io...@ionic.de> wrote:
On 09/28/2017 01:49 PM, Max A. wrote:
I'm using a x2go server on CentOS 6.9 (the latest version from EPEL,
4.0.1.20), clients use Windows XP/7 and the latest version of X2Go
Client (4.1.0.0-2017.03.11). Each time the client connects,
ssh-keygen.exe (C:\Program Files\x2goclient\ssh-keygen.exe) starts with
the parameters "-t rsa -b 4096 -N" "-C" X2Go Client RSA user key "-f C:
I explicitly decided against that. For more information and the rationale for
this change, refer to the release announcement:
http://lists.x2go.org/pipermail/x2go-announcements/2017/000302.html
The release announcement talks about 2048-bit keys being generated
while this indicates that even stronger keys are being used (which in
turn increases the time to create them). I think for slow clients this
is too much. At least the admin should be able to decide about the
required security, not the maintainer.
So what about staying as is by default but providing a possibility to
pre-generate keys for those connections.
Uli
What about ed25519 keys?
https://stribika.github.io/2015/01/04/secure-secure-shell.html
About 30-60 times faster to create on my fairly fast machine.
Unfortunately EL6 era machines don't support them.
--
Orion Poplawski
Manager of NWRA Technical Systems 720-772-5637
NWRA, Boulder/CoRA Office FAX: 303-415-9702
3380 Mitchell Lane or...@nwra.com
Boulder, CO 80301 https://www.nwra.com/
_______________________________________________
x2go-user mailing list
x2go-user@lists.x2go.org
https://lists.x2go.org/listinfo/x2go-user
