Recent searches
Search options
@c0dec0dec0de oh, cat's out of the bag https://bsky.app/profile/filippo.abyssdomain.expert/post/3kowk2vdagg2c
Bluesky Social · Filippo Valsorda (@filippo.abyssdomain.expert)The payload is extracted from the N value (the public key) passed to RSA_public_decrypt, checked against a simple fingerprint, and decrypted with a fixed ChaCha20 key before the Ed448 signature verification.
@ryanc oh noes. I forgot about that whole thing for a minute and thought you were just goofing around. Spent a minute or two tossing around whether I thought it constituted any kind of weakness on the part of a server using one and decided “probably not” especially given how some keys were generated in the last with an eye towards having fewer up bits to reduce processing time.
@c0dec0dec0de
I need to check the access logs for this:
https://rya.nc/ssh-vanity.html
rya.ncSSH “Vanity” Key GeneratorWhat is this? Type something consisting of base64 characters into the “Embedded Text” field, then click “Submit”. An SSH keypair will be generated, and the public key will contain your…
@ryanc @c0dec0dec0de I'll stick with my timorous key generator.