[46488] in North American Network Operators' Group
Re: 1024-bit RSA keys in danger of compromise (fwd)
daemon@ATHENA.MIT.EDU (Brett Eldridge)
Sun Mar 31 13:17:03 2002
Date: Sun, 31 Mar 2002 10:15:14 -0800 (PST)
From: Brett Eldridge <brett@atomicgears.com>
Reply-To: Brett Eldridge <brett@atomicgears.com>
To: Len Sassaman <rabbi@quickie.net>
Cc: nanog@merit.edu, <beldridg@pobox.com>
In-Reply-To: <Pine.LNX.4.30.QNWS.0203251505280.12074-100000@thetis.deor.org>
Message-ID: <Pine.BSO.4.44.0203310946200.22105-100000@vertigo.lo0.org>
On Mon, 25 Mar 2002, Len Sassaman wrote:
> I've mailed Theo de Raadt asking if OpenSSH has an undocumented
> mechanism for specifying minimum permitted key size that I don't know
> about. If there is one, I'll certainly post a follow-up.
the new CVS versions of OpenSSH (the current portable CVS version doesn't
have the changes quite yet) allow you to specify a minimum key length as a
#define at compile time. see ssh.h:
#define SSH_RSA_MINIMUM_MODULUS_SIZE 768
- brett
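
Added example, not part of the original message and not OpenSSH code: a Python audit that applies the 768-bit threshold from the quoted #define to the ssh-rsa entries of an authorized_keys-style file, decoding each key blob and measuring the modulus. The function names and the sample lines are constructed for illustration; the sample moduli have the stated size but are not real keys.

```python
import base64

SSH_RSA_MINIMUM_MODULUS_SIZE = 768  # same value as the #define quoted from ssh.h

def _read_string(blob, off):
    """Read one SSH wire 'string': 4-byte big-endian length, then the bytes."""
    length = int.from_bytes(blob[off:off + 4], "big")
    end = off + 4 + length
    if end > len(blob):  # also catches a length field that is itself cut short
        raise ValueError("truncated field")
    return blob[off + 4:end], end

def rsa_modulus_bits(line):
    """Modulus size in bits of an ssh-rsa public key line; None for other types."""
    fields = line.split()
    if "ssh-rsa" not in fields:  # options may precede the key type
        return None
    blob = base64.b64decode(fields[fields.index("ssh-rsa") + 1], validate=True)
    key_type, off = _read_string(blob, 0)
    if key_type != b"ssh-rsa":
        raise ValueError("key type inside blob does not match")
    _e, off = _read_string(blob, off)  # public exponent
    n, _ = _read_string(blob, off)     # modulus, encoded as an mpint
    return int.from_bytes(n, "big").bit_length()

def weak_rsa_keys(lines, minimum=SSH_RSA_MINIMUM_MODULUS_SIZE):
    """Return (line number, bits) per RSA key below minimum; bits=None if unparsable."""
    findings = []
    for lineno, line in enumerate(lines, 1):
        if not line.strip() or line.lstrip().startswith("#"):
            continue
        try:
            bits = rsa_modulus_bits(line)
        except (ValueError, IndexError):
            findings.append((lineno, None))  # damaged RSA entry: report, don't skip
            continue
        if bits is not None and bits < minimum:
            findings.append((lineno, bits))
    return findings

def _mpint(value):
    raw = value.to_bytes(value.bit_length() // 8 + 1, "big")  # keeps the sign bit clear
    return len(raw).to_bytes(4, "big") + raw

def make_line(bits, comment):  # constructed sample: right size, not a real key
    blob = (7).to_bytes(4, "big") + b"ssh-rsa" + _mpint(65537) + _mpint((1 << (bits - 1)) | 1)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment

SAMPLE = [make_line(512, "old@host"), "# comment", make_line(768, "ok@host"),
          make_line(1024, "new@host"), "ssh-dss AAAA other@host"]
```

Calling weak_rsa_keys(SAMPLE) reports only the 512-bit entry on line 1; passing minimum=1024 also reports the 768-bit entry.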