Date: Sun, 11 Jan 2015 22:52:00 -0330 From: Jonathan Anderson <jonathan@FreeBSD.org> To: Greg Rivers <gcr+freebsd-security@tharned.org> Cc: freebsd-security@freebsd.org Subject: Re: Securing SSH Message-ID: <54B32FC8.1080000@FreeBSD.org> In-Reply-To: <alpine.BSF.2.11.1501111913310.9102@angus.tharned.org> References: <alpine.BSF.2.11.1501111913310.9102@angus.tharned.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, I can't comment much on the elliptic-curve stuff, but I think it's a bit of a stretch to say that SHA-1 isn't safe for use in a KDF. Just my two cents, Jon > Greg Rivers <mailto:gcr+freebsd-security@tharned.org> > 11 January 2015 at 21:52 > I came across an interesting article[1] about more secure SSH > configurations. What do our resident cryptographers think about this? > Would it make sense to adjust FreeBSD defaults accordingly? > > [1] https://stribika.github.io/2015/01/04/secure-secure-shell.html > -- Jonathan Anderson jonathan@FreeBSD.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?54B32FC8.1080000>