openssh and keys - secure ones
somewhere around 2013 (and precisely - for ‘small’ Santa Claus, so 6th of December), OpenSSH was extended to provide new way of storing keys. it’s important because the old format - MD5 hash - can be cracked veeeeery quickly. developers decide to use modification of bcrypt, that will slow down GPU-assisted cracking attempts in hashcat from gigahashes per second, to at most kilohashes. what you need to do to upgrade your defenses? first of all, take care of the keys themselves. i’m using 2048 bit long RSA keys, and because some of the older equipment can’t handle more, i have to stay with that. my private key looks like this today: ...