- djm@cvs.openbsd.org 2008/07/02 02:24:18
[sshd_config sshd_config.5 sshd.8 servconf.c] increase default size of ssh protocol 1 ephemeral key from 768 to 1024 bits; prodded by & ok dtucker@ ok deraadt@
This commit is contained in:
parent
f2e21dec68
commit
7499b0cca0
|
@ -24,6 +24,10 @@
|
||||||
- stevesk@cvs.openbsd.org 2008/07/01 23:12:47
|
- stevesk@cvs.openbsd.org 2008/07/01 23:12:47
|
||||||
[PROTOCOL.agent]
|
[PROTOCOL.agent]
|
||||||
fix some typos; ok djm@
|
fix some typos; ok djm@
|
||||||
|
- djm@cvs.openbsd.org 2008/07/02 02:24:18
|
||||||
|
[sshd_config sshd_config.5 sshd.8 servconf.c]
|
||||||
|
increase default size of ssh protocol 1 ephemeral key from 768 to 1024
|
||||||
|
bits; prodded by & ok dtucker@ ok deraadt@
|
||||||
|
|
||||||
20080630
|
20080630
|
||||||
- (djm) OpenBSD CVS Sync
|
- (djm) OpenBSD CVS Sync
|
||||||
|
@ -4507,4 +4511,4 @@
|
||||||
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
OpenServer 6 and add osr5bigcrypt support so when someone migrates
|
||||||
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
passwords between UnixWare and OpenServer they will still work. OK dtucker@
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.5045 2008/07/02 12:35:00 dtucker Exp $
|
$Id: ChangeLog,v 1.5046 2008/07/02 12:35:43 dtucker Exp $
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
/* $OpenBSD: servconf.c,v 1.184 2008/06/15 16:58:40 dtucker Exp $ */
|
/* $OpenBSD: servconf.c,v 1.185 2008/07/02 02:24:18 djm Exp $ */
|
||||||
/*
|
/*
|
||||||
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
* Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
|
||||||
* All rights reserved
|
* All rights reserved
|
||||||
|
@ -158,7 +158,7 @@ fill_default_server_options(ServerOptions *options)
|
||||||
if (options->pid_file == NULL)
|
if (options->pid_file == NULL)
|
||||||
options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
|
options->pid_file = _PATH_SSH_DAEMON_PID_FILE;
|
||||||
if (options->server_key_bits == -1)
|
if (options->server_key_bits == -1)
|
||||||
options->server_key_bits = 768;
|
options->server_key_bits = 1024;
|
||||||
if (options->login_grace_time == -1)
|
if (options->login_grace_time == -1)
|
||||||
options->login_grace_time = 120;
|
options->login_grace_time = 120;
|
||||||
if (options->key_regeneration_time == -1)
|
if (options->key_regeneration_time == -1)
|
||||||
|
|
6
sshd.8
6
sshd.8
|
@ -34,8 +34,8 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $OpenBSD: sshd.8,v 1.245 2008/06/11 07:30:37 jmc Exp $
|
.\" $OpenBSD: sshd.8,v 1.246 2008/07/02 02:24:18 djm Exp $
|
||||||
.Dd $Mdocdate: June 11 2008 $
|
.Dd $Mdocdate: July 2 2008 $
|
||||||
.Dt SSHD 8
|
.Dt SSHD 8
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
|
@ -100,7 +100,7 @@ Forces
|
||||||
to use IPv6 addresses only.
|
to use IPv6 addresses only.
|
||||||
.It Fl b Ar bits
|
.It Fl b Ar bits
|
||||||
Specifies the number of bits in the ephemeral protocol version 1
|
Specifies the number of bits in the ephemeral protocol version 1
|
||||||
server key (default 768).
|
server key (default 1024).
|
||||||
.It Fl C Ar connection_spec
|
.It Fl C Ar connection_spec
|
||||||
Specify the connection parameters to use for the
|
Specify the connection parameters to use for the
|
||||||
.Fl T
|
.Fl T
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
# $OpenBSD: sshd_config,v 1.79 2008/05/08 12:21:16 djm Exp $
|
# $OpenBSD: sshd_config,v 1.80 2008/07/02 02:24:18 djm Exp $
|
||||||
|
|
||||||
# This is the sshd server system-wide configuration file. See
|
# This is the sshd server system-wide configuration file. See
|
||||||
# sshd_config(5) for more information.
|
# sshd_config(5) for more information.
|
||||||
|
@ -28,7 +28,7 @@ Protocol 2
|
||||||
|
|
||||||
# Lifetime and size of ephemeral version 1 server key
|
# Lifetime and size of ephemeral version 1 server key
|
||||||
#KeyRegenerationInterval 1h
|
#KeyRegenerationInterval 1h
|
||||||
#ServerKeyBits 768
|
#ServerKeyBits 1024
|
||||||
|
|
||||||
# Logging
|
# Logging
|
||||||
# obsoletes QuietMode and FascistLogging
|
# obsoletes QuietMode and FascistLogging
|
||||||
|
|
|
@ -34,8 +34,8 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $OpenBSD: sshd_config.5,v 1.95 2008/06/15 16:58:40 dtucker Exp $
|
.\" $OpenBSD: sshd_config.5,v 1.96 2008/07/02 02:24:18 djm Exp $
|
||||||
.Dd $Mdocdate: June 15 2008 $
|
.Dd $Mdocdate: July 2 2008 $
|
||||||
.Dt SSHD_CONFIG 5
|
.Dt SSHD_CONFIG 5
|
||||||
.Os
|
.Os
|
||||||
.Sh NAME
|
.Sh NAME
|
||||||
|
@ -811,7 +811,7 @@ The default is
|
||||||
This option applies to protocol version 1 only.
|
This option applies to protocol version 1 only.
|
||||||
.It Cm ServerKeyBits
|
.It Cm ServerKeyBits
|
||||||
Defines the number of bits in the ephemeral protocol version 1 server key.
|
Defines the number of bits in the ephemeral protocol version 1 server key.
|
||||||
The minimum value is 512, and the default is 768.
|
The minimum value is 512, and the default is 1024.
|
||||||
.It Cm StrictModes
|
.It Cm StrictModes
|
||||||
Specifies whether
|
Specifies whether
|
||||||
.Xr sshd 8
|
.Xr sshd 8
|
||||||
|
|
Loading…
Reference in New Issue