Comments by "Gilad Barlev" (@GSBarlev) on "OpenSSH is about to change. (For the better.)" video.

  1. I mean, I guess? It's basically, "Here, I'm going to hand you this lock so that the next time we meet, you'll know it's me, because I'm the only one who can unlock it."
    4
  2. She didn't even say "less secure" she said "often less secure," a qualification which, while probably more accurate, is not one I've ever heard across any of the cryptography guides I've read, which all uniformly advise avoiding RSA.
    2
  3. Updating SSH keys is a pain in the toucans, but totally agree that it's definitely good hygiene. As a slight aside, I recently wiped and reinstalled the OS on my Steam Deck, making sure to back up ~/.ssh to avoid having to update my keys. Except I forgot to back up my host keys in /etc/ssh, and so I had to go through the hassle of key-pruning across my ecosystem anyway. 😭
    2
  4. Interesting. I was just fooling around with Paramiko, which checks first for id_ed225519 before id_rsa
    1
  5.  @kwinzman  Did it say something about RSA being less vulnerable to quantum computing? If so, I think I read that. My knowledge of cryptographic ciphers is mostly academic and largely a decade stale, so I can't dismiss it off the bat. I'm still skeptical of the claim and whether it would be be meaningfully more secure for a actual quantum computer (that is, if if it could resist cracking by a 10,000-bit QC for 20 seconds instead of 10, then does that matter, especially if we could be a century off of a QC that powerful?)
    1
  6.  @pepeshopping  Not of /etc. My backups only covered /home/deck.
    1
  7.  @Raycursion  Yes, that's correct. But I have a lot of machines on my network running OpenSSH that needed to be pruned. And given that they tend to have entries for each way the machine is identified (via IP vs via DNS), it was maybe five minutes each across a dozen machines, so an hour in sum.
    1