From mboxrd@z Thu Jan  1 00:00:00 1970
Return-Path: <gentoo-user+bounces-168286-garchives=archives.gentoo.org@lists.gentoo.org>
Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80])
	by finch.gentoo.org (Postfix) with ESMTP id D41AC1384B4
	for <garchives@archives.gentoo.org>; Tue, 10 Nov 2015 19:17:46 +0000 (UTC)
Received: from pigeon.gentoo.org (localhost [127.0.0.1])
	by pigeon.gentoo.org (Postfix) with SMTP id 24E8C21C044;
	Tue, 10 Nov 2015 19:17:40 +0000 (UTC)
Received: from smtp.gentoo.org (smtp.gentoo.org [140.211.166.183])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by pigeon.gentoo.org (Postfix) with ESMTPS id E207821C01C
	for <gentoo-user@lists.gentoo.org>; Tue, 10 Nov 2015 19:17:38 +0000 (UTC)
Received: from [192.168.1.100] (c-98-218-46-55.hsd1.md.comcast.net [98.218.46.55])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	(Authenticated sender: mjo)
	by smtp.gentoo.org (Postfix) with ESMTPSA id 0C4DA33FD3F
	for <gentoo-user@lists.gentoo.org>; Tue, 10 Nov 2015 19:17:37 +0000 (UTC)
Subject: Re: [gentoo-user] OpenSSH upgrade warning
To: gentoo-user@lists.gentoo.org
References: <56414A8C.1080701@gentoo.org>
 <CAGymGE=eJ616vvggXx=E1vV7vxB5wQkSe7qLmFC9pu=qVLETcA@mail.gmail.com>
 <56420397.8010504@gentoo.org> <56420DB1.80302@gmail.com>
 <56421438.4080202@gentoo.org> <564236F0.9020503@gmail.com>
 <56423DAD.5030200@gentoo.org>
 <CAGymGE=79ycc5Fzu1-Q9sKwEGCriMpGwuDA=7N0C=1hk6yVT3Q@mail.gmail.com>
From: Michael Orlitzky <mjo@gentoo.org>
X-Enigmail-Draft-Status: N1110
Message-ID: <564242CF.2050602@gentoo.org>
Date: Tue, 10 Nov 2015 14:17:35 -0500
User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101
 Thunderbird/38.3.0
Precedence: bulk
List-Post: <mailto:gentoo-user@lists.gentoo.org>
List-Help: <mailto:gentoo-user+help@lists.gentoo.org>
List-Unsubscribe: <mailto:gentoo-user+unsubscribe@lists.gentoo.org>
List-Subscribe: <mailto:gentoo-user+subscribe@lists.gentoo.org>
List-Id: Gentoo Linux mail <gentoo-user.gentoo.org>
X-BeenThere: gentoo-user@lists.gentoo.org
Reply-to: gentoo-user@lists.gentoo.org
MIME-Version: 1.0
In-Reply-To: <CAGymGE=79ycc5Fzu1-Q9sKwEGCriMpGwuDA=7N0C=1hk6yVT3Q@mail.gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: 7bit
X-Archives-Salt: 19c37e78-0163-42ed-8bb9-015442134639
X-Archives-Hash: 4d54ea5b5ab1e91d1e48eaca674d4c21

On 11/10/2015 02:00 PM, Jeff Smelser wrote:
> 
> I guess from this your assuming that everyones passwords that have been
> hacked are god, birthdays and such?
> 

Again: assume that I'm not an idiot, and that I know how to choose a
long, random password. It cannot be brute-forced. And if it could,
adding an SSH key encrypted with a password of the same length would
provide no extra security.