Security Practices
From: David Busby (busby_at_edoceo.com)
Date: 05/17/05
- Previous message: Andre Charbonneau: "x11 forwarding problems"
- Next in thread: Nigel Stepp: "Re: Security Practices"
- Reply: Nigel Stepp: "Re: Security Practices"
- Maybe reply: Mark Senior: "RE: Security Practices"
- Reply: Bryan McAninch: "RE: Security Practices"
- Reply: List Account: "RE: Security Practices"
- Maybe reply: Mark Senior: "RE: Security Practices"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 16 May 2005 22:28:23 -0700 To: secureshell@securityfocus.com
List,
I'm trying to get my a sshd setup as secure as possible, some folks I
know what to send financial data over this. Right now I've got 2048bit
RSA keys, aes256-cbc cipher (only), but all the MACs. I'm thinking that
I'll make my key 4096bits to add some security. Which cipher is the
best? I picked AES256 cause I believe AES to be the best, 256 was the
largest. What is the difference between CBC and CTR? MAC of hmac-md5
is the best choice there correct? Assume best means most secure even at
the sacrifice of performance. Thanks!
imperium bin # ssh -V
OpenSSH_3.9p1, OpenSSL 0.9.7e 25 Oct 2004
imperium bin # uname -a
Linux imperium 2.6.10-gentoo-r6-edoceo #4 Sun May 1 03:48:25 PDT 2005
i686 AMD Athlon(TM) XP 1700+ AuthenticAMD GNU/Linux
/djb
- Previous message: Andre Charbonneau: "x11 forwarding problems"
- Next in thread: Nigel Stepp: "Re: Security Practices"
- Reply: Nigel Stepp: "Re: Security Practices"
- Maybe reply: Mark Senior: "RE: Security Practices"
- Reply: Bryan McAninch: "RE: Security Practices"
- Reply: List Account: "RE: Security Practices"
- Maybe reply: Mark Senior: "RE: Security Practices"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
