Date: Mon, 25 Sep 2000 12:15:22 +0200 (MET DST) From: Mipam <mipam@ibb.net> To: Scot Elliott <scot@london.sparza.com> Cc: CrazZzy Slash <slash@krsu.edu.kg>, Ali Alaoui El Hassani <961BE653994@stud.alakhawayn.ma>, freebsd-security@FreeBSD.ORG, Peter Pentchev <roam@orbitel.bg> Subject: Re: Encryption over IP Message-ID: <Pine.LNX.3.95.1000925121108.11069B-100000@ux1.ibb.net> In-Reply-To: <Pine.GSO.4.21.0009251101570.7006-100000@hagop.london.sparza.com>
next in thread | previous in thread | raw e-mail | index | archive | help
> As a friend pointed out to me recently, long term SSH connections that > move a lot of data are probably not very secure, as the SSH protocol does > not re-generate it's encryption keys unlike something like IPSec... > This is not the case. For example in openssh you can specify the regeneration time of the key. Default this is set to 3600 seconds. And when you would look closely, you also see it happening for a message is displayed when this happens. You also can check in your logs it happens. Checkout /etc/sshd_config Bye, Mipam. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.3.95.1000925121108.11069B-100000>