From 999a2886ca1844a7a74b905e5f2c8c701f9838cd Mon Sep 17 00:00:00 2001
From: "djm@openbsd.org" <djm@openbsd.org>
Date: Thu, 27 Jul 2023 22:23:05 +0000
Subject: [PATCH] upstream: increase default KDF work-factor for OpenSSH format

private keys from 16 to 24; { feedback ok } x { deraadt markus }

OpenBSD-Commit-ID: a3afb1383f8ff0a49613d449f02395d9e8d4a9ec
---
 sshkey.c | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/sshkey.c b/sshkey.c
index 498922093..727728536 100644
--- a/sshkey.c
+++ b/sshkey.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: sshkey.c,v 1.136 2023/06/21 05:10:26 djm Exp $ */
+/* $OpenBSD: sshkey.c,v 1.137 2023/07/27 22:23:05 djm Exp $ */
 /*
  * Copyright (c) 2000, 2001 Markus Friedl.  All rights reserved.
  * Copyright (c) 2008 Alexander von Gernler.  All rights reserved.
@@ -75,7 +75,7 @@
 #define AUTH_MAGIC		"openssh-key-v1"
 #define SALT_LEN		16
 #define DEFAULT_CIPHERNAME	"aes256-ctr"
-#define	DEFAULT_ROUNDS		16
+#define	DEFAULT_ROUNDS		24
 
 /* Version identification string for SSH v1 identity files. */
 #define LEGACY_BEGIN		"SSH PRIVATE KEY FILE FORMAT 1.1\n"