[jira] [Commented] (SSHD-1100) Update embedded moduli file

Lyor Goldstein (Jira) Thu, 05 Nov 2020 23:57:33 -0800


    [ 
https://issues.apache.org/jira/browse/SSHD-1100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17227224#comment-17227224
 ]


Lyor Goldstein commented on SSHD-1100:
--------------------------------------

{noformat:title=Generate 2048 bit candidates}
ssh-keygen -M generate -O bits=2048 moduli-2048.candidates
{noformat}

{noformat:title=Filter the candidates}
ssh-keygen -M screen -f moduli-2048.candidates moduli-2048
{noformat}

> Update embedded moduli file
> ---------------------------
>
>                 Key: SSHD-1100
>                 URL: https://issues.apache.org/jira/browse/SSHD-1100
>             Project: MINA SSHD
>          Issue Type: Improvement
>    Affects Versions: 2.5.1
>            Reporter: Lyor Goldstein
>            Assignee: Lyor Goldstein
>            Priority: Major
>
> In view of 
> https://security.stackexchange.com/questions/41941/consequences-of-tampered-etc-ssh-moduli
>  and the fact that our current built-in moduli are from 2014 (according to 
> their timestamp) perhaps we should generate some new ones...
> See if can also provide an external property indicating which file to load 
> (perhaps {{/etc/sshd/moduli}} or similar



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@mina.apache.org
For additional commands, e-mail: dev-h...@mina.apache.org

[jira] [Commented] (SSHD-1100) Update embedded moduli file

Reply via email to