SSH/SSL patching and hardening

My OpenSSL-based daemons are back up!

These commands should provide quite a good security level for a while (at least against non-superpower governmental organizations):

$ ssh-keygen -t rsa -b 4096
# openssl genrsa -aes256 -out secret.key 4096

I am the only person to use the server, so I don’t have any scalability issues. :)

Just to enforce the ssh configuration, I added these two lines in sshd_config:

Protocol 2
HostKeyAlgorithms ssh-rsa
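
An added example (not part of the original post) that checks the two settings above are the ones sshd actually uses: sshd takes the first value it reads for each keyword, so a line appended below an older Protocol entry has no effect. The function names and the sample file are constructed for illustration; the script assumes whitespace-separated keyword/value lines and does not follow Include directives.

```shell
#!/bin/sh
# Added example, not from the original post. Assumes whitespace-separated
# "Keyword value" lines; Include directives are not followed.

# Print the value sshd would use for keyword $2 in the global section of file $1.
effective_sshd_value() {
    awk -v want="$2" '
        BEGIN { want = tolower(want) }      # keywords are case-insensitive
        /^[ \t]*#/ { next }                 # comment line
        NF == 0 { next }                    # blank line
        tolower($1) == "match" { exit }     # global section ends here
        tolower($1) == want {               # first occurrence wins
            $1 = ""; sub(/^[ \t]+/, ""); print; exit
        }
    ' "$1"
}

# Return 0 only if both settings from the post are the effective ones.
check_hardening() {
    rc=0
    for pair in "Protocol:2" "HostKeyAlgorithms:ssh-rsa"; do
        key=${pair%%:*}; expected=${pair#*:}
        actual=$(effective_sshd_value "$1" "$key")
        if [ "$actual" != "$expected" ]; then
            echo "FAIL $key: expected '$expected', effective '${actual:-<unset>}'"
            rc=1
        fi
    done
    return $rc
}

# Constructed sample: the hardening lines were appended after an older
# Protocol line, so the appended "Protocol 2" never takes effect.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sshd_config for illustration
Port 22
protocol 2,1
Protocol 2
HostKeyAlgorithms ssh-rsa
EOF
check_hardening "$sample" || echo "sshd_config needs attention"
rm -f "$sample"
```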
