- djm@cvs.openbsd.org 2005/06/08 03:50:00
[ssh-keygen.1 ssh-keygen.c sshd.8] increase default rsa/dsa key length from 1024 to 2048 bits; ok markus@ deraadt@
This commit is contained in:
parent
6476cad9bb
commit
ac7ef6a736
|
@ -7,6 +7,10 @@
|
||||||
[auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
|
[auth.c auth.h misc.c misc.h ssh.c ssh_config.5 sshconnect.c]
|
||||||
introduce a generic %foo expansion function. replace existing % expansion
|
introduce a generic %foo expansion function. replace existing % expansion
|
||||||
and add expansion to ControlPath; ok markus@
|
and add expansion to ControlPath; ok markus@
|
||||||
|
- djm@cvs.openbsd.org 2005/06/08 03:50:00
|
||||||
|
[ssh-keygen.1 ssh-keygen.c sshd.8]
|
||||||
|
increase default rsa/dsa key length from 1024 to 2048 bits;
|
||||||
|
ok markus@ deraadt@
|
||||||
|
|
||||||
20050609
|
20050609
|
||||||
- (dtucker) [cipher.c openbsd-compat/Makefile.in
|
- (dtucker) [cipher.c openbsd-compat/Makefile.in
|
||||||
|
@ -2702,4 +2706,4 @@
|
||||||
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
|
- (djm) Trim deprecated options from INSTALL. Mention UsePAM
|
||||||
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
|
- (djm) Fix quote handling in sftp; Patch from admorten AT umich.edu
|
||||||
|
|
||||||
$Id: ChangeLog,v 1.3817 2005/06/16 03:18:34 djm Exp $
|
$Id: ChangeLog,v 1.3818 2005/06/16 03:19:06 djm Exp $
|
||||||
|
|
|
@ -1,4 +1,4 @@
|
||||||
.\" $OpenBSD: ssh-keygen.1,v 1.68 2005/04/21 06:17:50 djm Exp $
|
.\" $OpenBSD: ssh-keygen.1,v 1.69 2005/06/08 03:50:00 djm Exp $
|
||||||
.\"
|
.\"
|
||||||
.\" -*- nroff -*-
|
.\" -*- nroff -*-
|
||||||
.\"
|
.\"
|
||||||
|
@ -188,8 +188,8 @@ Show the bubblebabble digest of specified private or public key file.
|
||||||
.It Fl b Ar bits
|
.It Fl b Ar bits
|
||||||
Specifies the number of bits in the key to create.
|
Specifies the number of bits in the key to create.
|
||||||
Minimum is 512 bits.
|
Minimum is 512 bits.
|
||||||
Generally, 1024 bits is considered sufficient.
|
Generally, 2048 bits is considered sufficient.
|
||||||
The default is 1024 bits.
|
The default is 2048 bits.
|
||||||
.It Fl C Ar comment
|
.It Fl C Ar comment
|
||||||
Provides a new comment.
|
Provides a new comment.
|
||||||
.It Fl c
|
.It Fl c
|
||||||
|
|
|
@ -12,7 +12,7 @@
|
||||||
*/
|
*/
|
||||||
|
|
||||||
#include "includes.h"
|
#include "includes.h"
|
||||||
RCSID("$OpenBSD: ssh-keygen.c,v 1.126 2005/05/26 09:08:12 dtucker Exp $");
|
RCSID("$OpenBSD: ssh-keygen.c,v 1.127 2005/06/08 03:50:00 djm Exp $");
|
||||||
|
|
||||||
#include <openssl/evp.h>
|
#include <openssl/evp.h>
|
||||||
#include <openssl/pem.h>
|
#include <openssl/pem.h>
|
||||||
|
@ -36,7 +36,7 @@ RCSID("$OpenBSD: ssh-keygen.c,v 1.126 2005/05/26 09:08:12 dtucker Exp $");
|
||||||
#include "dns.h"
|
#include "dns.h"
|
||||||
|
|
||||||
/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */
|
/* Number of bits in the RSA/DSA key. This value can be changed on the command line. */
|
||||||
u_int32_t bits = 1024;
|
u_int32_t bits = 2048;
|
||||||
|
|
||||||
/*
|
/*
|
||||||
* Flag indicating that we just want to change the passphrase. This can be
|
* Flag indicating that we just want to change the passphrase. This can be
|
||||||
|
|
4
sshd.8
4
sshd.8
|
@ -34,7 +34,7 @@
|
||||||
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
|
||||||
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
|
||||||
.\"
|
.\"
|
||||||
.\" $OpenBSD: sshd.8,v 1.207 2005/04/21 06:17:50 djm Exp $
|
.\" $OpenBSD: sshd.8,v 1.208 2005/06/08 03:50:00 djm Exp $
|
||||||
.Dd September 25, 1999
|
.Dd September 25, 1999
|
||||||
.Dt SSHD 8
|
.Dt SSHD 8
|
||||||
.Os
|
.Os
|
||||||
|
@ -80,7 +80,7 @@ supports both SSH protocol version 1 and 2 simultaneously.
|
||||||
works as follows:
|
works as follows:
|
||||||
.Ss SSH protocol version 1
|
.Ss SSH protocol version 1
|
||||||
Each host has a host-specific RSA key
|
Each host has a host-specific RSA key
|
||||||
(normally 1024 bits) used to identify the host.
|
(normally 2048 bits) used to identify the host.
|
||||||
Additionally, when
|
Additionally, when
|
||||||
the daemon starts, it generates a server RSA key (normally 768 bits).
|
the daemon starts, it generates a server RSA key (normally 768 bits).
|
||||||
This key is normally regenerated every hour if it has been used, and
|
This key is normally regenerated every hour if it has been used, and
|
||||||
|
|
Loading…
Reference in New Issue