Aktualisiert eure SSH Keys

DSA and RSA 1024 bit are deprecated now

Kommentieren Sep 29 2017


Ist nicht mehr das Neueste vom Neuesten aber immer wieder wichtig hevorzuheben:

Upgrade your SSH keys!

If you’ve created your key more than about four years ago with the default options it’s probably insecure (RSA < 2048 bits). Even worse, I’ve seen tweeps, colleagues and friends still using DSA keys (ssh-dss in OpenSSH format) recently. That’s a key type similar to RSA, but limited to 1024 bits size and therefore recommended against for a long time. It’s plainly insecure and refused for valid reasons in recent OpenSSH versions (see also the changelog for 7.0).

Also nichts wie rann und updaten…