[Bug 2997] New: ssh-keygen manpage default RSA key length incorrect

bugzilla-daemon at bugzilla.mindrot.org bugzilla-daemon at bugzilla.mindrot.org
Fri Apr 19 05:15:26 AEST 2019


https://bugzilla.mindrot.org/show_bug.cgi?id=2997

            Bug ID: 2997
           Summary: ssh-keygen manpage default RSA key length incorrect
           Product: Portable OpenSSH
           Version: 8.0p1
          Hardware: All
                OS: All
            Status: NEW
          Severity: minor
          Priority: P5
         Component: Documentation
          Assignee: unassigned-bugs at mindrot.org
          Reporter: sebastiaanlokhorst at gmail.com

As mentioned in the OpenSSH 8.0 release notes[1]:

* ssh-keygen(1): Increase the default RSA key size to 3072 bits,
   following NIST Special Publication 800-57's guidance for a
   128-bit equivalent symmetric security level.

However, the ssh-keygen manpage still says[2]:

For RSA keys, the minimum size is 1024 bits and the default is 2048
bits. Generally, 2048 bits is considered sufficient.

[1] https://www.openssh.com/txt/release-8.0
[2] https://man.openbsd.org/ssh-keygen.1

-- 
You are receiving this mail because:
You are watching the assignee of the bug.


More information about the openssh-bugs mailing list