On Wed, May 14, 2008 at 05:26:52PM +0200, Gabor Gombas wrote:
> On Wed, May 14, 2008 at 01:38:33PM +0100, Colin Watson wrote:
> > On Wed, May 14, 2008 at 01:47:35PM +0200, Gábor Gombás wrote:
> > > The package only contains a blacklist for 2048-bit RSA keys. There
> > > should be a description how to obtain/generate the blacklist for other
> > > key lengths.
> > 
> > That's called "exploit code", and I'm not willing to give it out yet,
> > sorry.
> 
> Could you then at least provide blacklists for other commonly used key
> sizes, like 1024, 1536, 3072 and 4096?

The problem here is that the package gets inconveniently large ... this
has to fit on CDs that include openssh-server.

Perhaps openssh-blacklist-extra or something would work.

-- 
Colin Watson                                       [EMAIL PROTECTED]



-- 
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Reply via email to