[ale] Linux Security vs OpenSSH?

Jim Kinney jim.kinney at gmail.com
Sat Nov 26 23:26:59 EST 2022 

Ha! Open something!



On Sat, Nov 26, 2022, 7:32 PM Leam Hall via Ale <ale at ale.org> wrote:

> Jim, I have to apologize for a mistype. My brain was fried from an on-line
> class, and I meant to ask about Linux and OpenBSD.
>
> Though I like your note on OpenSSH, I haven't kept up as much as I should.
>
> Leam
>
> On 11/26/22 15:35, Jim Kinney wrote:
> > It all depends on the underlying encryption methods and server
> configuration. As long as the encryption libs are up to date, any known
> breakable methods explicitly blocked from use, it's solid.
> >
> > That said, 1024 bit keys should be replaced last year, 2048 are a
> minimum, and 4096 but causes problems with older versions.
> >
> > Each distro builds it's own openssh so there are variations that may
> bite later. I'm particularly fond of the patch that can query ldap through
> sssd for a users pub key. It also supports being a container for the priv
> key so a tight control of a closed environment can exist with sssd, ldap,
> and openssh by using a tool chain through freeipa.
> >
> > On Sat, Nov 26, 2022, 3:22 PM Leam Hall via Ale <ale at ale.org <mailto:
> ale at ale.org>> wrote:
> >
> >     In days of old, OpenSSH had a reputation for being "more" secure.
> However, Linux has gotten a lot more brain share, and I wonder if that
> reputation is still deserved. Thoughts?
> >
> >     Leam
> >
> >     --
> >     Automation Engineer        (reuel.net/resume <
> http://reuel.net/resume>)
> >     Scribe: The Domici War     (domiciwar.net <http://domiciwar.net>)
> >     General Ne'er-do-well      (github.com/LeamHall <
> http://github.com/LeamHall>)
> >     _______________________________________________
> >     Ale mailing list
> >     Ale at ale.org <mailto:Ale at ale.org>
> >     https://mail.ale.org/mailman/listinfo/ale <
> https://mail.ale.org/mailman/listinfo/ale>
> >     See JOBS, ANNOUNCE and SCHOOLS lists at
> >     http://mail.ale.org/mailman/listinfo <
> http://mail.ale.org/mailman/listinfo>
> >
>
> --
> Automation Engineer        (reuel.net/resume)
> Scribe: The Domici War     (domiciwar.net)
> General Ne'er-do-well      (github.com/LeamHall)
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20221126/abb246a5/attachment.htm>

More information about the Ale mailing list