Re: It's time for those 2048-, 3072-, and 4096-bit keys?

From: Karsten W. Rohrbach (karsten@rohrbach.de)
Date: 04/02/02 

Date: Tue, 2 Apr 2002 01:18:15 +0200
From: "Karsten W. Rohrbach" <karsten@rohrbach.de>
To: Garrett Wollman <wollman@lcs.mit.edu>

Garrett Wollman(wollman@lcs.mit.edu)@2002.04.01 13:48:16 +0000:
> <<On 31 Mar 2002 01:49:54 +0100, Dag-Erling Smorgrav <des@ofug.org> said:
>
> > Some systems (like the SparcStation 5 that serves DNS, DHCP and NTP
> > requests from my home network) are too slow for the algorithms used by
> > ssh2.
>
> It's perfectly acceptable on our IPX. The session takes a few seconds
> to start, and the keys took a long time to generate, but once
> authenticated there does not seem to be much difference to me. (In
> fact, `cat /etc/termcap' takes consistently twice as long using v1 as
> v2.)

interresting. i observe a similar behaviour on my router (intel pentium
60, 4.4-stable 12/6/2001, ssh 2.0 20011202, protocol v2).
generation of the server key takes ages (~3+ minutes)...

regards,
/k 

-- 
> The idea that Bill Gates has appeared like a knight in shining armour
> to lead all customers out of a mire of technological chaos neatly ignores
> the fact that it was he who, by peddling second-rate technology, led them
> into it in the first place. --Douglas Adams in Guardian, August 25, 1995 
KR433/KR11-RIPE -- WebMonster Community Founder -- nGENn GmbH Senior Techie
http://www.webmonster.de/ -- ftp://ftp.webmonster.de/ -- http://www.ngenn.net/
GnuPG 0x2964BF46 2001-03-15 42F9 9FFF 50D4 2F38 DBEE  DF22 3340 4F4E 2964 BF46
My mail is GnuPG signed -- Unsigned ones are bogus -- http://www.gnupg.org/
Please do not remove my address from To: and Cc: fields in mailing lists. 10x

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message