[arch-general] How long do you make the passphrase for the private key?
Jude DaShiell
jdashiel at panix.com
Mon Jun 24 15:45:10 UTC 2019
The last standard the United States Navy used before it migrated to
smartcards was 16 characters with at least two digits; at least two
upper-case, at least two lower-case, and at least two special
characters. A slight improvement on that would have been to insure the
pass phrase started and ended with a letter.
On Mon, 24 Jun 2019, Manuel Reimer wrote:
> Date: Mon, 24 Jun 2019 11:02:57
> From: Manuel Reimer <mail+archgeneral at m-reimer.de>
> Reply-To: General Discussion about Arch Linux <arch-general at archlinux.org>
> To: arch-general at archlinux.org
> Subject: [arch-general] How long do you make the passphrase for the private
> key?
>
> Hello,
>
> I want to publish a package repository with some packages that I need and only
> want to build once for all my systems.
>
> I want to make the packages available for general use. I have server space for
> that so I only have to rsync my final repo to my server after compiling my
> packages.
>
> I have my autobuild set up and signing seems to work, too.
>
> For convenience, I decided to make the passphrase not too long.
>
> I have 10 characters with both, alphanumeric and "special characters".
>
> I think if the passphrase is meant to be uncrackable alone, then we wouldn't
> need the big private key file, right?
>
> Is my passphrase long enough? What do the trusted users think about this
> topic?
>
> Thanks in advance
>
> Manuel
>
>
--
More information about the arch-general
mailing list