(資料圖片僅供參考)
1月26日消息���,openSUSE的Marcus Meissner宣布�,openSUSE Linux的RPM和存儲(chǔ)庫簽名密鑰正在切換為使用更強(qiáng)大的4096位RSA密鑰�����,為用戶提供更好的安全性。
新的RSA密鑰將應(yīng)用于openSUSE Tumbleweed滾動(dòng)發(fā)布����,以及openSUSE Leap、openSUSE Backports和SLE(SUSE Linux Enterprise)存儲(chǔ)庫�����。
對于openSUSE Tumbleweed����,將從本周的快照開始使用新的4096位RSA密鑰。這意味著如果用戶定期更新Tumbleweed存儲(chǔ)庫����,將自動(dòng)升級(jí)到新的RSA密鑰,該密鑰將導(dǎo)入到RPM keyring中���。
根據(jù)Marcus Meissner的說法���,這種轉(zhuǎn)換對于滿足當(dāng)前的安全建議是必要的。眾所周知���,4096位密鑰的強(qiáng)度比2048位密鑰大大增加���。不過,4096位密鑰在握手期間會(huì)占用大量CPU資源���。
新的4096位密鑰的GPG指紋如下:pub rsa4096/0x35A2F86E29B700A42022-06-20[SC][expires:2026-06-19]Key fingerprint=AD485664E901B867051A B15F35A2F86E29B700A4uid openSUSE Project Signing Key
想要手動(dòng)導(dǎo)入用戶請看下面的完整GPG密鑰:-----BEGIN PGP PUBLIC KEY BLOCK-----Version:GnuPG v2.0.15(GNU/Linux)mQINBGKwfiIBEADe9bKROWax5CI83KUly/ZRDtiCbiSnvWfBK1deAttV+qLTZ006090eQCOlMtcjhNe641Ahi/SwMsBLNMNich7/ddgNDJ99H8Oen6mBze00Z0Nlg2HZ VZibSFRYvg+tdivu83a1A1Z5U10Fovwc2awCVWs3i6/XrpXiKZP5/Pi3RV2K7VcG rt+TUQ3ygiCh1FhKnBfIGS+UMhHwdLUAQ5cB+7eAgba5kSvlWKRymLzgAPVkB/NJ uqjz+yPZ9LtJZXHYrjq9yaEy0J80Mn9uTmVggZqdTPWx5CnIWv7Y3fnWbkL/uhTR uDmNfy7a0ULB3qjJXMAnjLE/Oi14UE28XfMtlEmEEeYhtlPlH7hvFDgirRHN6kss BvOpT+UikqFhJ+IsarAqnnrEbD2nO7Jnt6wnYf9QWPnl93h2e0/qi4JqT9zw93zs fDENY/yhTuqqvgN6dqaD2ABBNeQENII+VpqjzmnEl8TePPCOb+pELQ7uk6j4D0j7slQjdns/wUHg8bGE3uMFcZFkokPv6Cw6Aby1ijqBe+qYB9ay7nki44OoOsJvirxv p00MRgsm+C8he+B8QDZNBWYiPkhHZBFi5GQSUY04FimR2BpudV9rJqbKP0UezEpc m3tmqLuIc9YCxqMt40tbQOUVSrtFcYlltJ/yTVxu3plUpwtJGQavCJM7RQARAQAB tDRvcGVuU1VTRSBQcm9qZWN0IFNpZ25pbmcgS2V5IDxvcGVuc3VzZUBvcGVuc3Vz ZS5vcmc+iQI+BBMBAgAoBQJisH4iAhsDBQkHhM4ABgsJCAcDAgYVCAIJCgsEFgID AQIeAQIXgAAKCRA1ovhuKbcApKRrEACJMhZhsPJBOkYmANvH5mqlk27brA3IZoM48qTzERebzKa0ZH1fgRI/3DhrfBYL0M5XOb3+26Ize0pujyJQs61Nlo1ibtQqCoyu dvP/pmY1/Vr374wlMFBuCfAjdad4YXkbe7q7GGjo6cF89qtBfTqEtaRrfDgtPLx/s9/WXLGo0XYqCCSPVoU66jQYNcCt3pH+hqytvntXJDhU+DveOnQCOSBBHhCMST3E QvriN/GnHf+sO19UmPpyHH0TM5Ru4vDrgzKYKT/CzbllfaJSk9cEuTY8Sv1sP/7B Z7YvOE0soIgM1sVg0u3R/2ROx0MKoLcq7EtLw64eE+wnw9bHYZQNmS+J/18p7Bo8I7e+8WRi+m/pus5FEWsIH1uhxKLgJGFDTHHGZtW+myjnUzXVIkpJGrKoolzYjHdK lRYM2fVuNI1eq6CZ6PFXg2UxovVczSnGMO33HZE09vpgkRDBrw1vF0o/Wnm02kig V6xYHk5wJx8vL74wPvCbw73UNT9OSdxYAz7JPqGOD6cpKe7XcAH2sYmlGpggAIUz Rq/lROEF5lx4SxB838JU4ezxD++BJXfBTE8JZmlGscXv74y9nCtSOZza8KOKj8ou WRl739FMnx9jRd7HHj3TIyymoveODnZ7f3IElyyFsjBW3XuQ9XfpZrIkwHuaZV5M6q2h+hgWNQ===nMh8-----END PGP PUBLIC KEY BLOCK-----
了解到�,Meissner表示���,openSUSE Leap系統(tǒng)將在2023年的某個(gè)時(shí)候切換到新的RSA密鑰��,但沒有提供具體時(shí)間框架�����。因此����,強(qiáng)烈建議始終使得系統(tǒng)和補(bǔ)丁安裝保持最新���。
