1 |
On Monday 09 Sep 2013 20:24:56 Michael Orlitzky wrote: |
2 |
> On 09/09/2013 02:07 PM, Mick wrote: |
3 |
> > On Monday 09 Sep 2013 14:42:28 Michael Orlitzky wrote: |
4 |
> >> On 09/09/2013 01:28 AM, Mick wrote: |
5 |
> >>> Are you saying that 2048 RSA keys are no good anymore? |
6 |
> >> |
7 |
> >> They're probably fine, but when you're making them yourself, the |
8 |
> >> extra bits are free. I would assume that the NSA can crack |
9 |
> >> 1024-bit RSA[1], so why not jump to 4096 so you don't have to do |
10 |
> >> this again in a few years? |
11 |
> > |
12 |
> > Right, but my router won't work with keys larger than 2048 and its |
13 |
> > admin GUI is controlled with 1024-bit public certificate. |
14 |
> |
15 |
> How often do you need to admin the router? Just do it from home (i.e. |
16 |
> on the LAN side). |
17 |
|
18 |
Yes, that's how I do it, or I VPN into the LAN from the outside if there is |
19 |
some emergency. However, the VPN SSL keys can't be any larger that 2048-bit. |
20 |
|
21 |
-- |
22 |
Regards, |
23 |
Mick |