<div dir="auto">It all depends on the underlying encryption methods and server configuration. As long as the encryption libs are up to date, any known breakable methods explicitly blocked from use, it's solid.<div dir="auto"><br></div><div dir="auto">That said, 1024 bit keys should be replaced last year, 2048 are a minimum, and 4096 but causes problems with older versions. </div><div dir="auto"><br></div><div dir="auto">Each distro builds it's own openssh so there are variations that may bite later. I'm particularly fond of the patch that can query ldap through sssd for a users pub key. It also supports being a container for the priv key so a tight control of a closed environment can exist with sssd, ldap, and openssh by using a tool chain through freeipa.</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sat, Nov 26, 2022, 3:22 PM Leam Hall via Ale <<a href="mailto:ale@ale.org">ale@ale.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">In days of old, OpenSSH had a reputation for being "more" secure. However, Linux has gotten a lot more brain share, and I wonder if that reputation is still deserved. Thoughts?<br>
<br>
Leam<br>
<br>
-- <br>
Automation Engineer (<a href="http://reuel.net/resume" rel="noreferrer noreferrer" target="_blank">reuel.net/resume</a>)<br>
Scribe: The Domici War (<a href="http://domiciwar.net" rel="noreferrer noreferrer" target="_blank">domiciwar.net</a>)<br>
General Ne'er-do-well (<a href="http://github.com/LeamHall" rel="noreferrer noreferrer" target="_blank">github.com/LeamHall</a>)<br>
_______________________________________________<br>
Ale mailing list<br>
<a href="mailto:Ale@ale.org" target="_blank" rel="noreferrer">Ale@ale.org</a><br>
<a href="https://mail.ale.org/mailman/listinfo/ale" rel="noreferrer noreferrer" target="_blank">https://mail.ale.org/mailman/listinfo/ale</a><br>
See JOBS, ANNOUNCE and SCHOOLS lists at<br>
<a href="http://mail.ale.org/mailman/listinfo" rel="noreferrer noreferrer" target="_blank">http://mail.ale.org/mailman/listinfo</a><br>
</blockquote></div>