What KEY cryptographic algorithm do you choose under your LINUX VPS ?

xemaps

What KEY is the best for you ? Is your key secure enough ?
Vote !

xemaps

By using ssh-audit -p [PORT] [IP] you can see your settings on a lot of distributions.
Advanced testing : try LYNIS

vicaya

If you care about store now and decrypt later attacks, you should use OpenSSH 10+ (released in April this year) with the quantum resistant mlkem768x25519-sha256 at both client and server side. Otherwise, just use ed25519 (the most popular variant of EdDSA) for better UX.

DrNutella

I use some of these because no one would suspect it

DediRock

Ed25519

NeedDeal

I dont trust any. Roll a dice, its the same. Someone has backdoored or cracked it.

TimboJones

@NeedDeal said:
I dont trust any. Roll a dice, its the same. Someone has backdoored or cracked it.

Flat earther.

jsg

md5 of "12345" (binary) AND 0x11111111111111.

I'm thinking though about reversing it to "54321" and appending 2 more (binary) 1's to the AND.

Reason: While I think that not using a 4-char key but a 5-char key plus additionally ANDing it is verrry sakkure, it might (maybe, just a wild worst case guess) be even more sakkure to use "54321".

P.S. Please keep this info super-private!

TimboJones

@jsg said:
md5 of "12345" (binary) AND 0x11111111111111.

I'm thinking though about reversing it to "54321" and appending 2 more (binary) 1's to the AND.

Reason: While I think that not using a 4-char key but a 5-char key plus additionally ANDing it is verrry sakkure, it might (maybe, just a wild worst case guess) be even more sakkure to use "54321".

P.S. Please keep this info super-private!

Did you reply in the wrong thread?

RayRedd

@jsg said:
md5 of "12345" (binary) AND 0x11111111111111.

I'm thinking though about reversing it to "54321" and appending 2 more (binary) 1's to the AND.

Reason: While I think that not using a 4-char key but a 5-char key plus additionally ANDing it is verrry sakkure, it might (maybe, just a wild worst case guess) be even more sakkure to use "54321".

P.S. Please keep this info super-private!

but you posted it in public..

jsg

@RayRedd said:

@jsg said:
md5 of "12345" (binary) AND 0x11111111111111.

I'm thinking though about reversing it to "54321" and appending 2 more (binary) 1's to the AND.

Reason: While I think that not using a 4-char key but a 5-char key plus additionally ANDing it is verrry sakkure, it might (maybe, just a wild worst case guess) be even more sakkure to use "54321".

P.S. Please keep this info super-private!

but you posted it in public..

Ooopsie. Oh well, I guess I'll have to change it to "abcde" now ...

david

RSA 4096 (or 2048 for yubikeys). I don't completely trust ECDSA or EdDSA.

The kerfuffle with Dual_EC-DRBG probable backdoor and brittleness of ECDSA are disappointing. Even though most web pages (even mine) use ECDSA. EdDSA is better, but I'd still prefer RSA 4096 over it.

princeli

rsa

jsg

@david said:
RSA 4096 (or 2048 for yubikeys). I don't completely trust ECDSA or EdDSA.

The kerfuffle with Dual_EC-DRBG probable backdoor and brittleness of ECDSA are disappointing. Even though most web pages (even mine) use ECDSA. EdDSA is better, but I'd still prefer RSA 4096 over it.

Well then better be sure to only use the fastest Ryzens or even a TLS accelerator ... or no, wait, because these don't actually do the hard part at all.

And (seriously) maybe look at PQ algos and pick a decent one. Because if quantum computers, and I mean actually usable ones, ever become available RSA 4096 vs 2048 won't save you (nor will EC crypto).

david

It's just about making the best choices with what's available. For ssh, I think that's still RSA. For web pages, ECDSA is probably worth the faster response time, if the content isn't sensitive.

Ballinwrld

I've been using ECDSA for all my ssh keys. My reason was that I thought it had shorter key lengths, and gpt told me it's slightly more secure than RSA. But I should probably migrate all my keys to RSA because of the comments here lol.

xemaps

To be continued...
See click link : Has your VPS secured entropy ?

jsg

@Ballinwrld said:
I've been using ECDSA for all my ssh keys. My reason was that I thought it had shorter key lengths, and gpt told me it's slightly more secure than RSA. But I should probably migrate all my keys to RSA because of the comments here lol.

And gpt (in that case) is correct. Elliptic curve algos are slightly harder to crack with PQ. And I've yet to see a credible indication of RSA somehow magically being more secure.

Hint: consider any and all NIST approved algos as tainted by the NSA (NIST is known to bend over for NSA). Yet another avantage of elliptic curves because you actually can find good and trustworthy algos which are not NIST approved/tainted.

Just saying ...

xemaps

jsg

@xemaps said:

says who?

xemaps

@jsg said:

@xemaps said:

says who?

NIST Internal Report - NIST IR 8547 ipd - Transition to Post-Quantum Cryptography Standards -ClickMe

jsg

@xemaps said:

@jsg said:

@xemaps said:

says who?

NIST Internal Report - NIST IR 8547 ipd - Transition to Post-Quantum Cryptography Standards -ClickMe

Thanks, but I don't give a flying fuck about their recommendations. Btw. reasonable professionals would have started/did strat to look deeper into PQ alternatives already quite a while ago and will certainly not wait till 2030 to pick one and use it.

xemaps

I hope at least people use ssh-audit or are crypto specialist.
Just fun with cryptocurrency with edDSA.

xemaps

sshd_config adviced by ssh-audit

KexAlgorithms curve25519-sha256,diffie-hellman-group-exchange-sha256,diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512,[email protected]
HostKeyAlgorithms -ecdsa-sha2-nistp256,-ecdsa-sha2-nistp384,-ecdsa-sha2-nistp521
Ciphers [email protected],[email protected],aes128-ctr,[email protected],aes192-ctr,aes256-ctr
MACs [email protected],[email protected],[email protected]

Levi

@david said:
RSA 4096 (or 2048 for yubikeys). I don't completely trust ECDSA or EdDSA.

The kerfuffle with Dual_EC-DRBG probable backdoor and brittleness of ECDSA are disappointing. Even though most web pages (even mine) use ECDSA. EdDSA is better, but I'd still prefer RSA 4096 over it.

RSA 3072 is enough. 4096 is just showing e-penis.

jsg

@Levi said:

@david said:
RSA 4096 (or 2048 for yubikeys). I don't completely trust ECDSA or EdDSA.

The kerfuffle with Dual_EC-DRBG probable backdoor and brittleness of ECDSA are disappointing. Even though most web pages (even mine) use ECDSA. EdDSA is better, but I'd still prefer RSA 4096 over it.

RSA 3072 is enough. 4096 is just showing e-penis.

And at high cost at that, not only in terms or processing but also in terms of environment, electrical power, etc.

Fact is that most of us do not have a need to keep their communication hidden from NSA & friends. And the 3 letter agencies do not even care about most people's communication or data or, in case they did, so what, nothing evil and/or super secret to find there.

And against script kiddies and low level hackers even RSA 1024 is more than plenty enough.

But - of course! - "https everywhere" is the mantra and the herd follows obediently (and stupidly), even when by far most website are public anyway. But of course we must protect ourselves from thinking we are on Joe Nobody's site when in fact we might be tricked by evil Eve and led to her faked Joe Nobody's site!

So to hell with reason, let's use RSA 8192!!!

Hotmarer

md5 without salt is the best, because I prefer sweets.

xemaps

It's a pity to see how a lot of VPS come with NOT hardened sshd_config

NetPIMP

We run everything in clear text because we're not little bitches.

xemaps

@NetPIMP said:
We run everything in clear text because we're not little bitches.

in which lang !?

TimboJones

@xemaps said:

@NetPIMP said:
We run everything in clear text because we're not little bitches.

in which lang !?

Binary.