331
cat (lemmy.zip)
you are viewing a single comment's thread
view the rest of the comments
[-] dan@upvote.au 21 points 1 month ago

id_rsa shouldn't exist any more.

[-] bjoern_tantau@swg-empire.de 38 points 1 month ago

If I had a nickel for every time I had to change my ssh key algorithm I'd have two nickels.

Which isn't much but it's concerning that it happened twice.

[-] friend_of_satan@lemmy.world 23 points 1 month ago* (last edited 1 month ago)

A few days ago I was messing with my ubiquiti dream router and its ssh config option said the key should start with ssh-rsa ๐Ÿ™„

[-] dan@upvote.au 19 points 1 month ago

It probably accepts other key types and it's just the UI that's outdated. I doubt they're using an SSH implementation other than Dropbear or OpenSSH, and both support ed25519.

[-] dbx12@programming.dev 2 points 1 month ago

Could be stupid input validation which requires ^ssh-rsa

[-] Scoopta@programming.dev 11 points 1 month ago

Fact of the matter is RSA is perfectly secure still...and ECDSA/ED25519 should also be extinct given the rising need for post quantum cryptography

[-] Supermariofan67@programming.dev 16 points 1 month ago

The problem is not the RSA math itself but that it is both extremely slow and implementing it is particularly susceptible to bugs and side channel attacks https://blog.trailofbits.com/2019/07/08/fuck-rsa/

[-] Scoopta@programming.dev 1 points 1 month ago

Most of the situations I encounter RSA are in projects where I hope RSA is implemented correctly. I have a lot of Let's Encrypt certs that are still RSA and my main SSH keys are still RSA. All of these were generated quite some time ago. I understand the problem with projects that implement it incorrectly but I'd hope OpenSSH and certbot aren't those projects ๐Ÿ˜ฅ

[-] computergeek125@lemmy.world 1 points 1 month ago

For Certbot, I think it's even further up the chain - OpenSSL. And if you're installing it to Apache or Nginx, its probably just OpenSSL again.

[-] peeteer@feddit.org 2 points 1 month ago

Azure DevOps only allows you to use RSA keys. This caused a major outage in May (they switched from V1 to V2) :).

this post was submitted on 26 Oct 2024
331 points (94.9% liked)

Programmer Humor

19774 readers
11 users here now

Welcome to Programmer Humor!

This is a place where you can post jokes, memes, humor, etc. related to programming!

For sharing awful code theres also Programming Horror.

Rules

founded 2 years ago
MODERATORS