[Bug 3831] Invalid key length

bugzilla-daemon at mindrot.org bugzilla-daemon at mindrot.org
Sun Jun 1 20:23:36 AEST 2025


https://bugzilla.mindrot.org/show_bug.cgi?id=3831

Darren Tucker <dtucker at dtucker.net> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |dtucker at dtucker.net
             Status|NEW                         |RESOLVED
         Resolution|---                         |INVALID

--- Comment #1 from Darren Tucker <dtucker at dtucker.net> ---
Stock OpenSSH has not supported keys less that 1024 bits since OpenSSH
7.6 (specifically commit bd636f409) in 2017.

This is a compile-time constant so if you want you can build a modified
OpenSSH by changing this line:

$ grep RSA_MIN *.h
sshkey.h:#define SSH_RSA_MINIMUM_MODULUS_SIZE   1024
(In reply to Orion Alves from comment #0)
[...]
> ssh -oRequiredRSASize=768 root at ciscoAsr1002

Stock OpenSSH has no such option.  If you are using a vendor-modified
OpenSSH then you need to report any problems with it to them.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
You are watching someone on the CC list of the bug.


More information about the openssh-bugs mailing list