6 Jun
2014
6 Jun
'14
5:30 a.m.
----- Original Message -----
From: "Florian Weimer" fweimer@redhat.com To: security@lists.fedoraproject.org Sent: Friday, June 6, 2014 10:58:17 AM Subject: Re: available crypto policies
On 06/05/2014 04:41 PM, Eric H. Christensen wrote:
Who still uses 1024-bit keys? You aren't finding a CA to sign them.
By default, sshd uses 1024 bits for the protocol 1 ephemeral server key.
Isn't version 1 completely broken and you shouldn't use it at all? Just like SSLv2?
--
Regards,
Hubert Kario
Quality Engineer, QE BaseOS Security team
Email: hkario@redhat.com
Web: www.cz.redhat.com
Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic