SSH and FreeBSD-11
matthew at FreeBSD.org
Fri Mar 11 11:30:21 UTC 2016
On 03/11/16 10:01, Carmel wrote:
> On Fri, 11 Mar 2016 16:36:02 +0800, Jov stated:
>> > openssh in freebsd 11 will not generate dsa host key any more，I
>> > have a pr about this.
> Thanks, I did not know it was a known issue. I had not read anything
> about it.
This site is quite instructive about where current SSH ciphers etc. have
DSA keys will have been deprecated because they only allow a 1024bit
modulus, and that's now known to be vulnerable to attack. It takes
quite a well resourced attacker to do so right now, but Moore's law will
soon make that club a lot less exclusive.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 801 bytes
Desc: OpenPGP digital signature
More information about the freebsd-questions