On Fri, Sep 26, 2014 at 21:12:54 +0000, Scott Neugroschl wrote: > Is there a reason ssh-keygen restricts DSA keys to exactly 1024 bits, given that NIST is recommending a minimum of 2048? > > http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf > Yes, a conflict between the RFC and NIST. Use ecdsa instead. -- Iain Morgan