Re: server security :: user accounts, ssh, passphrases, etc.
On Wed, Apr 09, 2008 at 08:49:29AM +1200, Chris Bannister wrote:
> On Sun, Apr 06, 2008 at 10:46:25AM -0500, Dave Sherohman wrote:
> > My (admittedly limited) understanding of public key crypto is that the
> > public and private key are connected by the relationship of two extremly
> > large prime numbers. It is mathematically possible, then, to identify
> > those numbers by factoring the numeric value of the public key and then
> > use them to deduce the value of the private key.
>
> Google "John the Ripper."
Apples and oranges. While John the Ripper would be capable of cracking
the passphrase of a private key, I have been able to find nothing which
says that, given a public key, it is able to deduce the corresponding
private key. On the contrary, those documents I've found which discuss
both John the Ripper and public key crypto generally are written to
contrast the weakness of encrypted passwords (what JtR is designed to
attack) against the strength of public key systems.
--
News aggregation meets world domination. Can you see the fnews?
http://seethefnews.com/
Reply to:
- References:
- server security :: user accounts, ssh, passphrases, etc.
- From: "Russell L. Harris" <rlharris@oplink.net>
- Re: server security :: user accounts, ssh, passphrases, etc.
- From: Dave Sherohman <dave@sherohman.org>
- Re: server security :: user accounts, ssh, passphrases, etc.
- From: Brian McKee <map@map-heb.com>
- Re: server security :: user accounts, ssh, passphrases, etc.
- From: "s. keeling" <keeling@nucleus.com>
- Re: server security :: user accounts, ssh, passphrases, etc.
- From: Dave Sherohman <dave@sherohman.org>
- Re: server security :: user accounts, ssh, passphrases, etc.
- From: Chris Bannister <mockingbird@earthlight.co.nz>