Subject: Re: [gentoo-user] OpenSSH upgrade warning
To: gentoo-user@lists.gentoo.org
From: Stanislav Nikolov
Date: Tue, 10 Nov 2015 21:23:18 +0200

On 11/10/2015 09:17 PM, Michael Orlitzky wrote:
> On 11/10/2015 02:00 PM, Jeff Smelser wrote:
>> I guess from this you're assuming that everyone's passwords that have been
>> hacked are god, birthdays and such?
>>
> Again: assume that I'm not an idiot, and that I know how to choose a
> long, random password. It cannot be brute-forced. And if it could,
> adding an SSH key encrypted with a password of the same length would
> provide no extra security.
>
>

Are you sure you know how such keys work? An extremely 15 character password (upper case, lower case, numbers, 8 more symbols) gives you ~4747561509943000000000000000 combinations. Just a simple 2048 bit key on the other hand (~180 of which are "secure") 1532495540865888858358347027150309183618739122183602176. That's A LOT moar. You don't have to generate the key from a password!