According to the answers in this question, SSH still uses a very basic algorithm for encrypting keys with a passphrase, which can be attacked at a rate of billions tries per second using dedicated hardware.
Better password protection schemes have been known for a while. Given how popular SSH is and how critical it is to the security of many organizations, I'm wondering why nobody seems to care about this problem?
Aucun commentaire:
Enregistrer un commentaire