[Bug 1516] New: ssh-keygen should warn about keys larger than OPENSSL_RSA_MAX_MODULUS_BITS

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Aug 29 16:58:16 EST 2008


https://bugzilla.mindrot.org/show_bug.cgi?id=1516

           Summary: ssh-keygen should warn about keys larger than
                    OPENSSL_RSA_MAX_MODULUS_BITS
           Product: Portable OpenSSH
           Version: 5.1p1
          Platform: All
               URL: http://www.hermann-uwe.de/blog/creating-32768-bit-rsa-
                    keys-for-fun-and-profit
        OS/Version: All
            Status: NEW
          Severity: minor
          Priority: P2
         Component: ssh-keygen
        AssignedTo: unassigned-bugs at mindrot.org
        ReportedBy: t8m at centrum.cz


When ssh-keygen generates key which is larger than
OPENSSL_RSA_MAX_MODULUS_BITS (as defined in the current OpenSSL
releases) it should warn the user that the key will probably not be
usable. The current OpenSSL releases check if the key is larger and the
signature verification functions will fail for such keys to prevent
CVE-2006-2940.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list