North American Network Operators Group

Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical

Re: ABOVE.NET SECURITY TRUTHS?

  • From: Mark Milhollan
  • Date: Sun Apr 30 21:42:49 2000

Chris Cappuccio writes:
>The ssh server should optimally generate new keys every so often (every few
>hours?)
>
>This generally takes a lot of CPU time, and on a 2501 it would probably take
>quite a while!!!

So let it.  There's usually no rush.  A low priority process that begins
generating a key immediately should have one ready by the time you'd
like it changed.

More problematic is the processing requirements of encryption and
decryption, and the memory overhead overall.