> What purpose does rekeying serve? Just curious. Is it for sites that
> change host keys really frequently?
Rekeying causes your session key to be changed periodically (say, once per
hour). It just increases the cryptographic strength of the session - even
if someone manages to break a session key (e.g., because a more efficient
way to break a cipher is discovered), rekeying significantly increases the
work factor needed to break longer connections. It also helps avoid
long-lived session keys from being stored all around the machine's swap
space etc.
(It is not related to host key changes, it just increases the
cryptographic strength by adding one more line of defense against
cryptographic attacks.)
Tatu
--
SSH Communications Security http://www.ssh.com/
SSH IPSEC Toolkit http://www.ipsec.com/
SSH(R) Secure Shell(TM) http://www.ssh.com/ssh
On Wed, 7 Feb 2001, Peter Schwenk wrote:
>
> --
> PETER SCHWENK | Campus IT Associate 3
> Department of Mathematical Sciences | University of Delaware
> [EMAIL PROTECTED] | (302)831-0437
>
>
>
