Add rc.conf variables to control host key length
Robert Simmons
rsimmons0 at gmail.com
Sun Jun 24 17:26:23 UTC 2012
On Sun, Jun 24, 2012 at 12:59 PM, J. Hellenthal <jhellenthal at dataix.net> wrote:
> These are more then sufficient for any normal ssh use.
I'm sorry if I sound rude, but I wanted to have a bit more of a
substantive discussion than quoting the man pages. Especially since
what you are quoting dates back to a change to
src/crypto/openssh/ssh-keygen.1 dated the following:
Sun Sep 11 16:50:35 2005 UTC (6 years, 9 months ago) by des
Being that the old "considered sufficient" of 1024 was added at the
following revision date:
Thu Feb 24 14:29:46 2000 UTC (12 years, 4 months ago) by markm
I would say that we are exactly due for a real discussion as to what
should be considered sufficient with regards to modern processors and
GPUs.
More information about the freebsd-security
mailing list