[1995] in linux-net channel archive
Re: Secure RPC NFS client & server is available.
daemon@ATHENA.MIT.EDU (Theodore Ts'o)
Thu Feb 29 19:17:54 1996
Date: Thu, 29 Feb 1996 18:33:43 -0500
From: "Theodore Ts'o" <tytso@mit.edu>
To: kuznet@ms2.inr.ac.ru
Cc: linux-net@vger.rutgers.edu, linux-kernel@vger.rutgers.edu
In-Reply-To: inr-linux-net@ms2.inr.ac.ru's message of Thu, 29 Feb 1996 22:49:35 +0300 (MSK),
<199602291949.WAA07608@ms2.inr.ac.ru>
Please be aware that Secure RPC is not really secure. It'll stop most
high-school students, since (I don't think) anyone is distributing a
toolkit to break Secure RPC. However, the 192 bit Diffie-Hellman
modulus used by Secure RPC was broken approximately 10 years ago, by
LaMacchia, et. al. In general, Diffie-Hellman moduli should be at least
512, and preferably 1024 bits long. 192 bits is way too short.
That shouldn't stop people from using Secure RPC, since it is better
than nothin. It is also useful if you wish to be compatible with SunOS
or Solaris. But please be aware that it's not "truly" secure.
- Ted
