#WorkStories:
Someone from my company needs SSH access to some special, new machines hosted by a service provider. So, how do you securely exchange SSH keys?

The process that the nontechnical people came up with:
The service provider creates an #SSH key pair and sends us the private key via e-mail.
But they don't want to send over the SSH private key *unencrypted* via e-mail; that would be insecure. So someone should generate a #PGP key pair, send the public key to the service provider (via e-mail), who would encrypt the SSH private key with it and then send it via e-mail.

I can't decide whether I should be rolling on the floor laughing, crying in a quiet corner of the office or banging my head against the wall.

#cryptography #publickeycryptography #publickeycrypto

Remember that 63-digit number my computer is factoring? It is the product of 2 prime numbers.

Yeah, still factoring. Up to about 26 days. And public key crypto uses numbers several hundred digits long.

I find it really cool that #QuantumComputers will be able to factor these numbers in practical times. But I have no idea how or why they are able to do this.

Can anyone help me on that part?

#cryptology #cryptanalysis #PublicKeyCrypto

Note: If you don't understand #pgp or #gpg or #publickeycrypto in general, that is not a problem. Those are gnarly and highly technical topics. At the same time, this lack of understanding does NOT qualify you to release your own standard like #nostr did. It's frankly ridiculous that this kind of open rejection of factual reality gained any traction at all... Security is not a new thing. And #nostr is failing in ways we knew to avoid last century.