From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from lists.gentoo.org (pigeon.gentoo.org [208.92.234.80]) by finch.gentoo.org (Postfix) with ESMTP id BCC141384B4 for ; Tue, 10 Nov 2015 19:32:36 +0000 (UTC) Received: from pigeon.gentoo.org (localhost [127.0.0.1]) by pigeon.gentoo.org (Postfix) with SMTP id 3C52321C07D; Tue, 10 Nov 2015 19:32:25 +0000 (UTC) Received: from mail-wm0-f41.google.com (mail-wm0-f41.google.com [74.125.82.41]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by pigeon.gentoo.org (Postfix) with ESMTPS id 18C9121C06E for ; Tue, 10 Nov 2015 19:32:24 +0000 (UTC) Received: by wmww144 with SMTP id w144so15113396wmw.0 for ; Tue, 10 Nov 2015 11:32:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-type:content-transfer-encoding; bh=nnIorrK76OBx69Mk4S5pahe0ZWkam72WWmaQytKxY4Y=; b=VqdjFvmDajAJtiRjbI54tZFES9Zi8JjC3ropwXxjAqboXtkzdPlLVj98py5OTI/zSH +aD5SyRJ8Khnx39rzPgNU11vUs+wsytpfJ0B9NehVzr+SzieRKj34OVOb8KyKOsasViY xivnsJUUGtoApRzyE67joZgHdRhfkUdGAwIIhqBcvt+OBrMx3iRRMDuNyDN87QRUhdht ZnUhHU9UFAWUBhbEM23YzUaBPxEfO9bGGd66pA9zqngiY2YlLsWbwgR1U9Qn6WiS0tlF x+b6F81YZm8aONWJvmJONUM9L2MEKu7j8Rfpot+1RZB2MyJ+Ec/Cww5fZawOuzuiJLa7 YWyg== X-Received: by 10.28.87.21 with SMTP id l21mr6820967wmb.6.1447183942979; Tue, 10 Nov 2015 11:32:22 -0800 (PST) Received: from [192.168.88.253] ([130.204.240.118]) by smtp.gmail.com with ESMTPSA id s189sm3093469wmf.16.2015.11.10.11.32.22 for (version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Tue, 10 Nov 2015 11:32:22 -0800 (PST) Subject: Re: [gentoo-user] OpenSSH upgrade warning To: gentoo-user@lists.gentoo.org References: <56414A8C.1080701@gentoo.org> <56420397.8010504@gentoo.org> <56420DB1.80302@gmail.com> <56421438.4080202@gentoo.org> <564236F0.9020503@gmail.com> <56423DAD.5030200@gentoo.org> <564242CF.2050602@gentoo.org> <56424426.2030708@gmail.com> <564244BC.1080208@gentoo.org> From: Stanislav Nikolov Message-ID: <56424645.4020104@gmail.com> Date: Tue, 10 Nov 2015 21:32:21 +0200 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 Precedence: bulk List-Post: List-Help: List-Unsubscribe: List-Subscribe: List-Id: Gentoo Linux mail X-BeenThere: gentoo-user@lists.gentoo.org Reply-to: gentoo-user@lists.gentoo.org MIME-Version: 1.0 In-Reply-To: <564244BC.1080208@gentoo.org> Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 7bit X-Archives-Salt: f18d6021-ee59-48ea-96d9-db9d17c9c0f8 X-Archives-Hash: f1140f0eabdb29b6ff888b28f40c0ec9 On 11/10/2015 09:25 PM, Michael Orlitzky wrote: > On 11/10/2015 02:23 PM, Stanislav Nikolov wrote: >> Are you sure you know how such keys work? An extremely 15 character >> password (Upper case, lower case, numbers, 8 more symbols) gives you >> ~4747561509943000000000000000 combinations. Just a simple 2048 bit >> key on the other hand (~180 of which are "secure") >> 1532495540865888858358347027150309183618739122183602176. Thats ALOT >> moar. You don't have to generate the key from a password! >> > I don't have to brute-force the key. The key is encrypted with a > password. How long is that password? > > > 1) The key is not encrypted. 2) You don't need a password to generate a key. 3) Don't go full retard, do your research before arguing.