Setting default RSA size in ssh-keygen to 4096.
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
This commit is contained in:
parent
78f24f870e
commit
4371b1d9fc
GPG key ID:
BCC918A2ABD66424
2 changed files with 28 additions and 0 deletions
27
debian/patches/progress-linux/0001-ssh-keygen-default-rsa-size.patch
vendored
Normal file
27
debian/patches/progress-linux/0001-ssh-keygen-default-rsa-size.patch
vendored
Normal file
|
|
@ -0,0 +1,27 @@
|
|||
Author: Daniel Baumann <daniel.baumann@progress-linux.org>
|
||||
Description: Setting default RSA size in ssh-keygen to 4096.
|
||||
|
||||
diff -Naurp openssh.orig/ssh-keygen.1 openssh/ssh-keygen.1
|
||||
--- openssh.orig/ssh-keygen.1
|
||||
+++ openssh/ssh-keygen.1
|
||||
@@ -289,7 +289,7 @@ The default is 16 rounds.
|
||||
Show the bubblebabble digest of specified private or public key file.
|
||||
.It Fl b Ar bits
|
||||
Specifies the number of bits in the key to create.
|
||||
-For RSA keys, the minimum size is 1024 bits and the default is 3072 bits.
|
||||
+For RSA keys, the minimum size is 1024 bits and the default is 4096 bits.
|
||||
Generally, 3072 bits is considered sufficient.
|
||||
For ECDSA keys, the
|
||||
.Fl b
|
||||
diff -Naurp openssh.orig/ssh-keygen.c openssh/ssh-keygen.c
|
||||
--- openssh.orig/ssh-keygen.c
|
||||
+++ openssh/ssh-keygen.c
|
||||
@@ -80,7 +80,7 @@
|
||||
* which a 160bit hash is acceptable is 1kbit, and since ssh-dss specifies only
|
||||
* SHA1 we limit the DSA key size 1k bits.
|
||||
*/
|
||||
-#define DEFAULT_BITS 3072
|
||||
+#define DEFAULT_BITS 4096
|
||||
#define DEFAULT_BITS_DSA 1024
|
||||
#define DEFAULT_BITS_ECDSA 256
|
||||
|
||||
1
debian/patches/series
vendored
1
debian/patches/series
vendored
|
|
@ -26,3 +26,4 @@ skip-utimensat-test-on-zfs.patch
|
|||
regress-conch-dev-zero.patch
|
||||
configure-cache-vars.patch
|
||||
pam-avoid-unknown-host.patch
|
||||
progress-linux/0001-ssh-keygen-default-rsa-size.patch
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue