Comment by bityard
13 days ago
> but also allowing an attacker to run an offline decryption attack with unlimited attempts. This invariably leads to your main password getting compromised.
Do the OpenSSH authors not know about PKBDF2 or similar?
13 days ago
> but also allowing an attacker to run an offline decryption attack with unlimited attempts. This invariably leads to your main password getting compromised.
Do the OpenSSH authors not know about PKBDF2 or similar?
How does PBKDF2 prevent an offline decryption attack with unlimited attempts?
All it does is slow down the attempts, but for the average person's easy-to-remember password, it's probably increasing the effort from milliseconds to a few days.
I always aimed for 15+ letter passwords and set at least 100 rounds of the key function? (The -a flag) when generating password protected ssh keys.