>> Might I point out that discussion is with respect to an 8k RSA SSH key
>> for SSH authentication, not for email. A 2 second delay during the
>> initialization of an SSH connection is not a problem.
>
> And here is precisely something interesting: 8k RSA is discussed as a method
> to keep messages confidential for decades. I haven't looked into it, but I'm
> under the impression RSA is used purely for authentication in SSH, not for
> key exchange[1]. What are you protecting decades against here? A server
> reusing a random challenge? That seems quite far fetched.

I created the 8k keys prior to understanding the full effects reasoning behind a 1k/2k key simply because it wasn't particularly computationally expensive for me to do, and I saw no harm in being overly cautious with a longer key than average. I see no purpose though (at this stage, with my public key spread around a variety of locations without issue) in generating a new 'smaller' key for the sole purpose of being able to use GPG's SSH agent, requiring me to change the public key in every location.

> Oh, by the way, only the computational load for the client was discussed.
> There's also the server (although the public side of the computation is
> quicker than the private side). The server gets logins from potentially a
> lot of clients.

I think this is fairly irrelevant to the discussion. Yes, there is an overhead, but performing the calculations is not a significant concern. (If a server is getting lots of fake logon attempts, you need to sort out your firewall instead).