[kwlug-disc] Stronger SSH keys and SSL certificates

Khalid Baheyeldin kb at 2bits.com
Sun Apr 20 17:18:08 EDT 2014


My question was mainly about SSH keys, which I am thinking of replacing
just in case, and want to know what are the best hardening practices.

Number of bits is one factor, yes. What about cipher choices, ...etc.?

For SSL ...

The self signed SSL certificate example is for internal use, mainly testing
and experimenting. It is not meant to be exposed to real site visitors,
since people will freak out if their browser says "hey, this is not vouched
for". So don't worry about that. The question is mainly for when a real SSL
certificate is needed.

Khalid M. Baheyeldin
2bits.com, Inc.
Fast Reliable Drupal
Drupal optimization, development, customization and consulting.
Simplicity is prerequisite for reliability. --  Edsger W.Dijkstra
Simplicity is the ultimate sophistication. --   Leonardo da Vinci
For every complex problem, there is an answer that is clear, simple, and
wrong." -- H.L. Mencken
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://kwlug.org/pipermail/kwlug-disc_kwlug.org/attachments/20140420/dc6af764/attachment.html>

More information about the kwlug-disc mailing list