[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: OT: Safe to access SSH server from work?

On Fri, 6 May 2011, Brian wrote:

A strong password is no less secure in brute force terms than a key so

Oh yes it is. A strong password may take a very long time to brute force, but that isn't what you said.

Breaking an arbitrarily long key pair is regarded as being cryptographically infeasible. That means it isn't practical for anyone to even undertake the attack.

So how long does the key need to be? That changes with time due to advances in computer hardware. Right now attacks against 1024 bit RSA keys may be cryptographically feasible. So use a longer key if you fear you may be subject to a sustained brute force attack[1].

[1] Hint: home users are probably not the targets here :)



Email: robert@timetraveller.org		Linux counter ID #16440
IRC: Solver (OFTC & Freenode)
Web: http://www.practicalsysadmin.com
Contributing member of Software in the Public Interest (http://spi-inc.org/)
Open Source: The revolution that silently changed the world

Reply to: