[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Password quality?

To: Kristian Köhntopp <kris@koehntopp.de>
Subject: Re: [Full-Disclosure] Password quality?
From: the1@unixclan.net
Date: Wed, 10 Dec 2003 14:49:47 -0800 (PST)

I'm not sure if any "tool" exsists for this, but you could probably hack
something together after reading:
Applied Cryptography, Bruce Schneier
RFC 2631 - Diffie-Hellman Key Agreement Method
SSH, The Secure Shell: The Definitive Guide, O.Reilly


On Wed, 10 Dec 2003, Kristian [iso-8859-1] Köhntopp wrote:

>
> I know how to check Unix and Windows passwords for quality - John the Ripper
> is quite an encompassing tool (http://www.openwall.com/john/).
>
> I now need to check ssh2 and openssh private keys for policy compliance - do
> they have a password, and is it nontrivial?
>
> Which tool am I going to use?
>
> Kristian
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
>

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Password quality?
  - From: Kristian Köhntopp <kris@koehntopp.de>

Prev by Date: Re: [Full-Disclosure] Re: Internet Explorer URL parsing vulnerability
Next by Date: [Full-Disclosure] [RHSA-2003:390-01] Updated gnupg packages disable ElGamal keys
Previous by thread: Re: [Full-Disclosure] Password quality?
Next by thread: Re: [Full-Disclosure] Password quality?
Index(es):
- Date
- Thread