Fedora 35 Might Drop Installer Option To "Allow SSH Root Login With Password"

  • #21
    Originally posted by skeevy420

    Since we're going into meth-induced paranoia scenarios -- if a hacker has access to that many IPs then they likely have access to enough CPU cycles to brute force the checksum. You can't protect against that regardless of your protection scheme outside of 2FA...and that's assuming the hacker isn't going to try to MITM your 2FA which is an equally valid fear if we're gonna be meth-specially paranoid.

    If you're gonna go into the hundreds or thousands argument then nothing a person can do is safe or secure.
    Most human passwords are in the 30-40 bits of entropy range. A properly generated 2048-bit keypair is much, much larger than that. The NSA might be able to crack it if they are willing to spend a few million dollars of resources to do it, but it's unlikely that anyone else will in the next 10 years. The Paranoid can generate an ECC Curve 25519 keypair that has about (atoms in the universe) times more entropy than the typical human-chosen password. https://www.microsoft.com/en-us/rese...11/www2007.pdf

    In practical terms you aren't going to brute force a key, though some historical keys generated with insufficient entropy are problematic.
