ssh-keygen DSA keys longer than 1024 bit
Silviu Vlasceanu
silviuvlasceanu at yahoo.com
Thu Oct 3 20:53:37 EST 2013
Hi,
Why is there still a limit on the length of a DSA key generated by
ssh-keygen? I mean that ssh-keygen only expects 1024 as the key length, or
fails. Here is the code excerpt that enforces the limitation:
    /* ssh-keygen.c: DSA key size is hard-coded to 1024 bits */
    if (type == KEY_DSA && *bitsp != 1024)
            fatal("DSA keys must be 1024 bits");
Commenting out these two lines allows the generation of, say, 2048-bit DSA
keys that work just fine with sshd.
The only reason that I could previously find is that 1024 is imposed by
FIPS 186-2, but the current FIPS 186-3 allows for larger DSA keys.
In light of the NIST SP800-131A guide that recommends 2048 as a minimum for
DSA key length, can anyone please explain to me why the limitation still
exists in current openssh (6.3p1)? Is there a legal constraint?
Thank you,
--
Silviu
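As an added example that is not part of the post or of OpenSSH: the thread turns on the DSA modulus size (1024 bits as hard-coded in ssh-keygen versus the 2048-bit minimum recommended by NIST SP800-131A), and a defender's first question is usually "how many ssh-dss keys under 2048 bits are in our authorized_keys files?" The script below parses the OpenSSH public-key wire format (the base64 blob is a sequence of length-prefixed strings: the key type, then the mpints p, q, g, y), reports the bit length of p, and flags keys below the SP800-131A threshold. The sample authorized_keys content is constructed inside the script; its DSA parameter values are placeholders of the right size, not real primes, so the keys are useful only for exercising the parser.

```python
import base64
import struct

# Minimum DSA modulus size recommended by NIST SP 800-131A (cited in the post).
MIN_DSA_BITS = 2048


def _read_string(blob, off):
    """Read one SSH wire-format string (uint32 big-endian length prefix)."""
    if off + 4 > len(blob):
        raise ValueError("truncated key blob")
    (n,) = struct.unpack(">I", blob[off:off + 4])
    off += 4
    if off + n > len(blob):
        raise ValueError("truncated key blob")
    return blob[off:off + n], off + n


def _encode_string(b):
    return struct.pack(">I", len(b)) + b


def _encode_mpint(n):
    """Encode a non-negative int as an SSH mpint: minimal big-endian bytes,
    with a leading 0x00 when the top bit is set so the value stays positive."""
    if n == 0:
        return _encode_string(b"")
    return _encode_string(n.to_bytes((n.bit_length() + 8) // 8, "big"))


def dsa_key_bits(pubkey_line):
    """Return the bit length of p for an ssh-dss public-key line, or None
    if the line is not a DSA key (an options prefix before the type is tolerated)."""
    parts = pubkey_line.split()
    idx = next((i for i, tok in enumerate(parts) if tok == "ssh-dss"), None)
    if idx is None or idx + 1 >= len(parts):
        return None
    blob = base64.b64decode(parts[idx + 1])
    keytype, off = _read_string(blob, 0)
    if keytype != b"ssh-dss":
        raise ValueError("blob type does not match the key type field")
    p_raw, off = _read_string(blob, off)  # first mpint after the type is p
    return int.from_bytes(p_raw, "big").bit_length()


def audit_authorized_keys(text):
    """Return (line_no, bits, verdict) for every ssh-dss key in an
    authorized_keys-style text; verdict is 'weak' below MIN_DSA_BITS."""
    findings = []
    for line_no, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        bits = dsa_key_bits(line)
        if bits is None:
            continue
        findings.append((line_no, bits, "ok" if bits >= MIN_DSA_BITS else "weak"))
    return findings


def make_dss_line(p_bits, comment):
    """Constructed ssh-dss line with placeholder (non-prime) parameters of the
    requested modulus size; only the wire layout is realistic."""
    p = (1 << (p_bits - 1)) | 1          # exactly p_bits bits long
    q, g, y = (1 << 159) | 1, 2, 3       # placeholder q (160-bit), g, y
    blob = _encode_string(b"ssh-dss") + b"".join(_encode_mpint(x) for x in (p, q, g, y))
    return "ssh-dss " + base64.b64encode(blob).decode() + " " + comment


# Constructed sample: the 1024-bit key ssh-keygen produces, a 2048-bit key as
# in the post's experiment, and a non-DSA line that the audit must skip.
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    make_dss_line(1024, "legacy@host"),
    make_dss_line(2048, "patched-keygen@host"),
    "ssh-rsa AAAAB3NzaC1yc2E= other@host",
])

if __name__ == "__main__":
    for line_no, bits, verdict in audit_authorized_keys(SAMPLE_AUTHORIZED_KEYS):
        print(f"line {line_no}: ssh-dss {bits} bits -> {verdict}")
```

On a real file the same bit count is what `ssh-keygen -l -f <file>` prints for an ssh-dss key, so the script's output can be cross-checked against the tool; the parser's value is that it runs over an entire authorized_keys or known_hosts collection at once and applies a single policy threshold.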