Question about ssh-keygen -a rounds
Hi,

man ssh-keygen says:

-a rounds
When saving a private key, this option specifies
the number of KDF (key derivation function) rounds used.
Higher numbers result in slower passphrase verification
and increased resistance to brute-force password cracking
(should the keys be stolen).

What constitutes "Higher" here? Is 100 high or is 100000 high?

What's the default number of rounds in the absence of the -a option?
Could the default value be added to the manpage?

cheers,
raf

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
Re: Question about ssh-keygen -a rounds
raf wrote:

> Hi,
>
> man ssh-keygen says:
>
> -a rounds
> When saving a private key, this option specifies
> the number of KDF (key derivation function) rounds used.
> Higher numbers result in slower passphrase verification
> and increased resistance to brute-force password cracking
> (should the keys be stolen).
>
> What constitutes "Higher" here? Is 100 high or is 100000 high?
>
> What's the default number of rounds in the absence of the -a option?
> Could the default value be added to the manpage?
>
> cheers,
> raf

I've just checked the source, and the default is 16.
The algorithm is bcrypt. So 16 is probably perfect.
It would be nice for this information to be in the
manpage. Here's a potential patch.

cheers,
raf

--- ssh-keygen.1.orig 2020-07-15 11:42:34.000000000 +1000
+++ ssh-keygen.1 2020-07-15 11:48:28.000000000 +1000
@@ -270,6 +270,7 @@ When saving a private key, this option s
(key derivation function) rounds used.
Higher numbers result in slower passphrase verification and increased
resistance to brute-force password cracking (should the keys be stolen).
+The KDF algorithm is bcrypt. The default number of rounds is 16.
.It Fl B
Show the bubblebabble digest of specified private or public key file.
.It Fl b Ar bits
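Review bot: the added line `+The KDF algorithm is bcrypt. The default number of rounds is 16.` puts two sentences on one input line, while the surrounding mdoc text starts each sentence on its own line so the formatter can emit proper inter-sentence spacing; split it into `The KDF algorithm is bcrypt.` and `The default number of rounds is 16.` on separate lines. A literal default written into the manpage will also go stale silently if the constant in the source changes, so a comment beside that constant pointing back at this paragraph would help keep the two in sync.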

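Since the manpage does not say what rounds a key was saved with, a defender auditing existing keys needs to read it from the file itself. The parser below is an added example, not code from the thread or from OpenSSH: it walks the `openssh-key-v1` header (cipher name, KDF name, then the KDF options, which for `bcrypt` are a salt string followed by a uint32 round count) and reports the configured rounds. The sample key it parses is a constructed envelope with dummy private-section bytes, not a real key.

```python
import base64
import struct

MAGIC = b"openssh-key-v1\x00"  # leading bytes of every openssh-key-v1 file
DEFAULT_ROUNDS = 16            # ssh-keygen default reported in the thread


def _read_string(buf, off):
    """Read one SSH 'string' (uint32 big-endian length + bytes) at off."""
    (n,) = struct.unpack(">I", buf[off:off + 4])
    return buf[off + 4:off + 4 + n], off + 4 + n


def _ssh_string(b):
    return struct.pack(">I", len(b)) + b


def kdf_params(pem_text):
    """Return (cipher, kdf, rounds) for an OPENSSH PRIVATE KEY file.
    rounds is None when the key is stored unencrypted (kdf 'none')."""
    body = [ln for ln in pem_text.strip().splitlines() if not ln.startswith("-----")]
    blob = base64.b64decode("".join(body))
    if not blob.startswith(MAGIC):
        raise ValueError("not an openssh-key-v1 file")
    off = len(MAGIC)
    cipher, off = _read_string(blob, off)
    kdf, off = _read_string(blob, off)
    kdfopts, off = _read_string(blob, off)
    rounds = None
    if kdf == b"bcrypt":
        _salt, o = _read_string(kdfopts, 0)   # salt string, then uint32 rounds
        (rounds,) = struct.unpack(">I", kdfopts[o:o + 4])
    return cipher.decode(), kdf.decode(), rounds


def below_default(pem_text):
    """True if the key is encrypted with fewer rounds than the default."""
    _c, kdf, rounds = kdf_params(pem_text)
    return kdf == "bcrypt" and rounds < DEFAULT_ROUNDS


def build_sample_key(rounds=None, salt=b"\x00" * 16):
    """Constructed sample envelope (dummy key material) to exercise the parser."""
    if rounds is None:
        cipher, kdf, kdfopts = b"none", b"none", b""
    else:
        cipher, kdf = b"aes256-ctr", b"bcrypt"
        kdfopts = _ssh_string(salt) + struct.pack(">I", rounds)
    body = (MAGIC + _ssh_string(cipher) + _ssh_string(kdf) + _ssh_string(kdfopts)
            + struct.pack(">I", 1) + _ssh_string(b"public-blob-placeholder")
            + _ssh_string(b"\xaa" * 64))  # dummy private section, not a key
    b64 = base64.b64encode(body).decode()
    wrapped = "\n".join(b64[i:i + 70] for i in range(0, len(b64), 70))
    return f"-----BEGIN OPENSSH PRIVATE KEY-----\n{wrapped}\n-----END OPENSSH PRIVATE KEY-----\n"
```

On a real file, `kdf_params(open(path).read())` reads the same header fields without needing the passphrase.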