[cfarm-users] Is RSA really insecure?
Alexandre Oliva
oliva at gnu.org
Thu Dec 14 05:22:28 CET 2023
On Dec 13, 2023, Jacob Bachmeyer <jcb62281 at gmail.com> wrote:
> This is a pet peeve of mine: unless you have a citation for an actual
> viable attack on RSA as used in SSH, or perhaps on the protocol SSH
> uses for RSA-based authentication
AFAIK, ssh-rsa relies on SHA1 and SHA1 is weakening. Labeling it as
'insecure', like I did, was probably an exaggeration, but there seems to
be good reason to phase it out proactively rather than reactively.
Thanks for keeping me honest ;-)
--
Alexandre Oliva, happy hacker https://FSFLA.org/blogs/lxo/
Free Software Activist GNU Toolchain Engineer
Disinformation flourishes because many people care deeply about injustice but
very few check the facts. Think Assange & Stallman. The empires strike back
More information about the cfarm-users
mailing list