DSA 2048 bit keys?
Darren Tucker
dtucker at zip.com.au
Sat Sep 27 07:38:21 EST 2014
On Fri, Sep 26, 2014 at 5:12 PM, Scott Neugroschl <scott_n at xypro.com> wrote:
> Is there a reason ssh-keygen restricts DSA keys to exactly 1024 bits,
> given that NIST is recommending a minimum of 2048?
>
NIST also requires that DSA keys longer than 1024 bits use a hash stronger
than SHA1 while the SSH RFC require the use of SHA1.
https://bugzilla.mindrot.org/show_bug.cgi?id=1647
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
More information about the openssh-unix-dev
mailing list