DSA 2048 bit keys?

Darren Tucker dtucker at zip.com.au
Sat Sep 27 07:38:21 EST 2014

On Fri, Sep 26, 2014 at 5:12 PM, Scott Neugroschl <scott_n at xypro.com> wrote:

> Is there a reason ssh-keygen restricts DSA keys to exactly 1024 bits,
> given that NIST is recommending a minimum of 2048?

NIST also requires that DSA keys longer than 1024 bits use a hash stronger
than SHA1 while the SSH RFC require the use of SHA1.


Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.

More information about the openssh-unix-dev mailing list