Date: Sun, 24 Jun 2012 13:26:21 -0400 From: Robert Simmons <rsimmons0@gmail.com> To: freebsd-security@freebsd.org Subject: Re: Add rc.conf variables to control host key length Message-ID: <CA%2BQLa9C04d3fkk6r2apLti4vn%2BJ8_fai--qK2yQobmXD%2BbdTww@mail.gmail.com> In-Reply-To: <20120624165920.GA85913@DataIX.net> References: <CA%2BQLa9CX26xEwRsz3g6FvBBbbFE0Gfw%2BUR6_RHYOXgZFcgCw5w@mail.gmail.com> <4828EFCC-E60A-4961-9228-4A1ADAD28F73@lists.zabbadoz.net> <20120624165920.GA85913@DataIX.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Jun 24, 2012 at 12:59 PM, J. Hellenthal <jhellenthal@dataix.net> wrote: > These are more then sufficient for any normal ssh use. I'm sorry if I sound rude, but I wanted to have a bit more of a substantive discussion than quoting the man pages. Especially since what you are quoting dates back to a change to src/crypto/openssh/ssh-keygen.1 dated the following: Sun Sep 11 16:50:35 2005 UTC (6 years, 9 months ago) by des Being that the old "considered sufficient" of 1024 was added at the following revision date: Thu Feb 24 14:29:46 2000 UTC (12 years, 4 months ago) by markm I would say that we are exactly due for a real discussion as to what should be considered sufficient with regards to modern processors and GPUs.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CA%2BQLa9C04d3fkk6r2apLti4vn%2BJ8_fai--qK2yQobmXD%2BbdTww>