Bug#671063: an update on this bug?
Thijs Kinkhorst
thijs at debian.org
Mon Oct 22 07:52:48 UTC 2012
severity 671063 normal
thanks
> This should be done by the administrator on demand with his own choice of
> parameters. Ån automatic generation can be done at each new installation
> (better) or at each upgrade, but anyway that would imply having the same
> set for years in many cases. A patch for the postinst is welcome anyway.
Regenerating the largest parameters that are currently included in proftpd
takes about 48h on a fast system with normal amounts of entropy. It's
therefore not feasible to do this on installation or even at build time. I
also doubt that users should be bothered with this at install time as I
guess hardly any user will understand the choice he's given.
Perhaps regenerating them at build or install time is a good idea but this
is only feasible for a small set of relatively shorter param lengths.
In any case, although refreshing them from time to time may be good, there
are to me no concrete indications that the current parameters are not
strong enough to continue to be used, so I don't think this should remain
RC.
Cheers,
Thijs
More information about the Pkg-proftpd-maintainers
mailing list