Settable minimum RSA key sizes on the client end for legacy devices.
Blumenthal, Uri - 0553 - MITLL
uri at ll.mit.edu
Sun Dec 29 21:41:53 AEDT 2019
"Normal use" should be covered by reasonable defaults. Explicit parameters are for specific less-standard needs.
It's pretty stupid to harbor a delusional belief that you can correctly determine and prevent others from doing stupid things. There are exceptions, but their rarity serves to strengthen the above.
Regards,
Uri
> On Dec 29, 2019, at 11:54, Philipp Marek <philipp at marek.priv.at> wrote:
>
>
>>
>> Unix was not designed to stop you from doing stupid things, because
>> that would also stop you from doing clever things.
>> - Doug Gwyn, in Introducing Regular Expressions (2012) by Michael Fitzgerald
>
> Please note that this mostly applies to the priviledged administrative
> account - as long as a you're a normal user the other users should be
> protected from your mistakes. (g+w etc. is already "extended rights" ;)
>
>
> In engineering, one of the major points is to foresee potential human
> mistakes - and to take precautions to prevent them.
>
> I see that SSH key length issue similar to operating big machinery -
> you're protected as long as you use it normally; to tear a limb off
> you need to become inventive.
>
> (Search the internet for images "two-hand control".)
> _______________________________________________
> openssh-unix-dev mailing list
> openssh-unix-dev at mindrot.org
> https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 5874 bytes
Desc: not available
URL: <http://lists.mindrot.org/pipermail/openssh-unix-dev/attachments/20191229/ec3eb968/attachment-0001.p7s>
More information about the openssh-unix-dev
mailing list