nanog mailing list archives

Re: ABOVE.NET SECURITY TRUTHS?

From: Mark Milhollan <mlm () ftel net>
Date: Sun, 30 Apr 2000 18:38:55 -0700


Chris Cappuccio writes:

The ssh server should optimally generate new keys every so often (every few
hours?)

This generally takes a lot of CPU time, and on a 2501 it would probably take
quite a while!!!


So let it.  There's usually no rush.  A low priority process that begins
generating a key immediately should have one ready by the time you'd
like it changed.

More problematic is the processing requirements of encryption and
decryption, and the memory overhead overall.

Current thread:

Re: ABOVE.NET SECURITY TRUTHS?, (continued)
- - - Re: ABOVE.NET SECURITY TRUTHS? Philip Smith (Apr 30)
    - Re: ABOVE.NET SECURITY TRUTHS? John Kristoff (Apr 28)
  - Re: ABOVE.NET SECURITY TRUTHS? Alex Rubenstein (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Greene, Dylan (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Danny McPherson (Apr 28)
  - Re: ABOVE.NET SECURITY TRUTHS? Joe Shaw (Apr 30)
- RE: ABOVE.NET SECURITY TRUTHS? Greene, Dylan (Apr 28)
  - RE: ABOVE.NET SECURITY TRUTHS? Mr. James W. Laferriere (Apr 28)
    - RE: ABOVE.NET SECURITY TRUTHS? Chris Cappuccio (Apr 28)
    - Re: ABOVE.NET SECURITY TRUTHS? Michael Shields (Apr 28)
    - Re: ABOVE.NET SECURITY TRUTHS? Mark Milhollan (Apr 30)
    - RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 28)
  - RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 28)
  - SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?) Jason Ackley (Apr 28)
    - Re: SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?) John Fraizer (Apr 28)
    - RE: SSH on IOS (was RE: ABOVE.NET SECURITY TRUTHS?) Roeland Meyer (E-mail) (Apr 28)
- Re: ABOVE.NET SECURITY TRUTHS? Vadim Antonov (Apr 28)
  - Re: ABOVE.NET SECURITY TRUTHS? dies (Apr 28)
- RE: ABOVE.NET SECURITY TRUTHS? Exiled Dave (Apr 28)
  - RE: ABOVE.NET SECURITY TRUTHS? Roeland Meyer (E-mail) (Apr 28)
  - Re: ABOVE.NET SECURITY TRUTHS? Christopher B. Zydel (Apr 29)

(Thread continues...)