|
|
|
|
|
|
by singlow
307 days ago
|
|
|
So what person is running an SSH server and configuring it to use post-quantum crypto, but is using password Auth? Priorities are out-of-whack. Not that this is a bad thing, but first start using keys, then start rotating them regularly and then worry about theoretical future attacks. |
|
|
A captured SSH session should never be able to decrypted by an adversary regardless of whether it uses passwords or keys, or how weak the password is.