Generating DSA keys of different length
Nils Larsch
larsch at trustcenter.de
Wed Jul 2 19:28:25 EST 2003
Greg Lambert wrote:
> When I try to create a dsa set of key files with -b 999, the key appears
> to be created with the default of 1024. This does not happen for type
> rsa or rsa1 keys. They get created with the number of bits I
> specified. I can't find this problem in the archives.
OpenSSH uses the OpenSSL DSA_generate_parameters function to
generate the DSA parameters. DSA_generate_parameters rounds the bit
length off to a multiple of 64 bits (as specified in
http://www.itl.nist.gov/fipspubs/fip186.htm ) => in your case 1024
bits.
Nils
More information about the openssh-unix-dev
mailing list