From owner-freebsd-security Tue Mar 26 10:28: 3 2002 Delivered-To: freebsd-security@freebsd.org Received: from patrocles.silby.com (d32.as7.nwbl0.wi.voyager.net [169.207.128.160]) by hub.freebsd.org (Postfix) with ESMTP id CA96A37B41E for ; Tue, 26 Mar 2002 10:27:54 -0800 (PST) Received: from patrocles.silby.com (localhost [127.0.0.1]) by patrocles.silby.com (8.12.2/8.12.2) with ESMTP id g2R0QHUH015744; Tue, 26 Mar 2002 18:26:17 -0600 (CST) (envelope-from silby@silby.com) Received: from localhost (silby@localhost) by patrocles.silby.com (8.12.2/8.12.2/Submit) with ESMTP id g2R0QErk015741; Tue, 26 Mar 2002 18:26:16 -0600 (CST) X-Authentication-Warning: patrocles.silby.com: silby owned process doing -bs Date: Tue, 26 Mar 2002 18:26:14 -0600 (CST) From: Mike Silbersack To: "Karsten W. Rohrbach" Cc: Colin Percival , Subject: Re: It's time for those 2048-, 3072-, and 4096-bit keys? In-Reply-To: <20020326185714.F22539@mail.webmonster.de> Message-ID: <20020326182003.F15545-100000@patrocles.silby.com> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, 26 Mar 2002, Karsten W. Rohrbach wrote: > Mike Silbersack(silby@silby.com)@2002.03.26 03:47:49 +0000: > > > > Versions of ssh which use RSAREF (those compiled before the patent ended, > > basically) can't handle keys over 1024 bits in length, IIRC. Hence, you'd > > have to be very careful when bumping up the size of sshv1 keys on a system > > which may have old clients connection. > > shouldn't the v1 protocol be killed anyway? ;-) i guess in the states > you still got a lot of rsa driven clients, eh? in case of field > upgradeability of the clients, i would switch to v2 (which actually is > what i did on several public systems) and the users are very happy about > the new features (like twofish, etc) that it gives them. > > /k Yes, upgrading clients to v2 would be best. However, I don't think that locking out v1 users would be the best way to achieve that. The most likely result of doing so would be people falling back to telnet. I'm not too concerned about the v1 keylength, as it is obsolete. I'll look into what it would take to change the default one of these days when I have time. What does slightly concern me is the RSA usage in sshv2 which has appeared recently. Increasing the keylength for those uses seems like a good idea in the long run. However, I haven't even looked at the keylengths used in that case yet; they may already be more than long enough. Mike "Silby" Silbersack To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message