On Monday 09 Sep 2013 20:24:56 Michael Orlitzky wrote: > On 09/09/2013 02:07 PM, Mick wrote: > > On Monday 09 Sep 2013 14:42:28 Michael Orlitzky wrote: > >> On 09/09/2013 01:28 AM, Mick wrote: > >>> Are you saying that 2048 RSA keys are no good anymore? > >> > >> They're probably fine, but when you're making them yourself, the > >> extra bits are free. I would assume that the NSA can crack > >> 1024-bit RSA[1], so why not jump to 4096 so you don't have to do > >> this again in a few years? > > > > Right, but my router won't work with keys larger than 2048 and its > > admin GUI is controlled with 1024-bit public certificate. > > How often do you need to admin the router? Just do it from home (i.e. > on the LAN side).
Yes, that's how I do it, or I VPN into the LAN from the outside if there is some emergency. However, the VPN SSL keys can't be any larger that 2048-bit. -- Regards, Mick
signature.asc
Description: This is a digitally signed message part.
