Mailing List Archive

Possibility to use shorter RSA keys when absolutely necessary
Hello,

I have struggled with older network gear, where either it is not possible
because of the lack of new FW or lack of permit to upgrade. If you think that
having this option needs more safeguards, please give ideas on what kind of
extra checks or options or anything.

So I added the option RSAMinimumModulusSize which can lower the now hardcoded
SSH_RSA_MINIMUM_MODULUS_SIZE.  I also implemented a hard limit to prevent
ridiculously show keys.

I think it is better ti use up to date OpenSSH instead of your own specially
compiled binary or telnet.

I made a bug report here: https://bugzilla.mindrot.org/show_bug.cgi?id=3174 and
a pull request here: https://github.com/openssh/openssh-portable/pull/188 .

Please comment!

BR

    Antti Louko

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev