faster /dev/random

Wolfgang S. Rupprecht wolfgang.rupprecht at gmail.com
Mon Aug 23 20:56:32 UTC 2010


Thomas Cameron <thomas.cameron at camerontech.com> writes:
> What are you doing that is worth waiting a month for?  Or would you have 
> to kill us if you told us?  ;-)

;-)

No, nothing too exciting.  I'm just trying to secure my DNS information
and since the key is very public (it is published in DNS itself) I
figured I should really generate it the proper way with a strong random
number generator.  (I have a bunch of zones and am publishing some spare
keys, so the keycount adds up quickly.)  There isn't much of a downside
to an attacker breaking the key, other than bragging rights and being
able to spoof DNS responses.  (Big deal.  Someone will get the wrong IP
address or hostname if that happens.)

On the other hand, I've noticed the slow problem with key generation
whenever I update my ssh keys or my ssl keys.  If I botch the ssl key,
spammers could send spam via my mail server.  If I botch the ssh key
attackers could log in here.

-wolfgang
-- 
Wolfgang S. Rupprecht      http://www.wsrcc.com/wolfgang/      (IPv6-only)

