[Bug 1469] Should sshd detect and reject vulnerable SSH keys (re: Debian DSA-1571 and DSA-1576)

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Sun May 25 06:39:02 EST 2008


https://bugzilla.mindrot.org/show_bug.cgi?id=1469





--- Comment #2 from Alex Howells <alex.howells at 0wn3d.us>  2008-05-25 06:38:59 ---
> As far as I am aware they don't cover 4096-bit RSA, and any user who
> had generated with `ssh-keygen -b 8150 -t rsa` would not be blocked.

Sorry, perhaps I should clarify -- any user who has generated with a
non-standard key length would not be covered and it would be
computationally impossible to generate all 32767 permutations per
architecture / word length vs. all possible key length possibilities.

-- 
Configure bugmail: https://bugzilla.mindrot.org/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list