WingNews logo WingNews
top | item 44864761

(no title)

singlow | 6 months ago

So what person is running an SSH server and configuring it to use post-quantum crypto, but is using password Auth? Priorities are out-of-whack.

Not that this is a bad thing, but first start using keys, then start rotating them regularly and then worry about theoretical future attacks.

discuss

order

djmdjm|6 months ago

Those are completely disjoint threats.

A captured SSH session should never be able to decrypted by an adversary regardless of whether it uses passwords or keys, or how weak the password is.