[CentOS] establish a 128 bit encrypted tunnel between centos 5.2 boxes

Robert Moskowitz rgm at htt-consult.com
Tue Aug 26 22:55:41 UTC 2008


Jeff Kinz wrote:
> On Tue, Aug 26, 2008 at 04:04:21PM -0400, Jerry Geis wrote:
>   
>> Is there an easy way or anyway to establish a 128 bit encrypted tunnel 
>> between a handful of centos 5.2 boxes?
>>     
>
> In addition the rest of the good info others already posted for you,
> please remember that "128 bit encryption" doesn't mean anything 
> unless you also specify the encryption scheme being used.
>
> A 128 bit encryption scheme may or may not be easily broken depending on
> which one it is. (Pick a good!)
Actually 'we' (crypto community) talk about crypto-suites, as you have 
to look at all the pieces involved. If everything is not disclosed (like 
with Skype), then you just don't know where the weakness may be.

SSH, IPsec (watch out for the 'Null' cipher :) ), TLS (some of the 
suites are too weak to talk about), and HIP are all well-rounded 
security protocols. I have worked on all of them.




More information about the CentOS mailing list