[ale] Linux Security vs OpenSSH?

Héctor Abreu habreu71 at gmail.com
Sun Nov 27 09:23:43 EST 2022 

I think OpenBSD reputation of being secure is not something of the old
days. Security has always been one of the main goals of that project.

In recent years I've heard news of malware targeting Windows and Linux, but
not OpenBSD.

I personally use both OpenBSD and Linux because one can not be a full
replacement of the other, at least in the scenarios I normally deal with.

Hector.

El sáb, 26 nov 2022 a las 19:32, Leam Hall via Ale (<ale at ale.org>) escribió:

> Jim, I have to apologize for a mistype. My brain was fried from an on-line
> class, and I meant to ask about Linux and OpenBSD.
>
> Though I like your note on OpenSSH, I haven't kept up as much as I should.
>
> Leam
>
> On 11/26/22 15:35, Jim Kinney wrote:
> > It all depends on the underlying encryption methods and server
> configuration. As long as the encryption libs are up to date, any known
> breakable methods explicitly blocked from use, it's solid.
> >
> > That said, 1024 bit keys should be replaced last year, 2048 are a
> minimum, and 4096 but causes problems with older versions.
> >
> > Each distro builds it's own openssh so there are variations that may
> bite later. I'm particularly fond of the patch that can query ldap through
> sssd for a users pub key. It also supports being a container for the priv
> key so a tight control of a closed environment can exist with sssd, ldap,
> and openssh by using a tool chain through freeipa.
> >
> > On Sat, Nov 26, 2022, 3:22 PM Leam Hall via Ale <ale at ale.org <mailto:
> ale at ale.org>> wrote:
> >
> >     In days of old, OpenSSH had a reputation for being "more" secure.
> However, Linux has gotten a lot more brain share, and I wonder if that
> reputation is still deserved. Thoughts?
> >
> >     Leam
> >
> >     --
> >     Automation Engineer        (reuel.net/resume <
> http://reuel.net/resume>)
> >     Scribe: The Domici War     (domiciwar.net <http://domiciwar.net>)
> >     General Ne'er-do-well      (github.com/LeamHall <
> http://github.com/LeamHall>)
> >     _______________________________________________
> >     Ale mailing list
> >     Ale at ale.org <mailto:Ale at ale.org>
> >     https://mail.ale.org/mailman/listinfo/ale <
> https://mail.ale.org/mailman/listinfo/ale>
> >     See JOBS, ANNOUNCE and SCHOOLS lists at
> >     http://mail.ale.org/mailman/listinfo <
> http://mail.ale.org/mailman/listinfo>
> >
>
> --
> Automation Engineer        (reuel.net/resume)
> Scribe: The Domici War     (domiciwar.net)
> General Ne'er-do-well      (github.com/LeamHall)
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> https://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://mail.ale.org/pipermail/ale/attachments/20221127/6d169165/attachment.htm>

More information about the Ale mailing list