DH_GRP_MIN is currently 1024, should it be bumped to 2048?
Mark D. Baushke
mdb at juniper.net
Sat Jul 25 09:25:38 AEST 2015
Greetings,
Given the weakness with Diffie-Hellman modp groups less than 2048, is it
time to bump the suggested 1024 bit minimum value from the RFC 4419 to a
more current 2048 value for OpenSSH 7.0?
If so, should this be just a compile-time change, or should there be a
new client and server runtime option?
Thanks,
-- Mark
More information about the openssh-unix-dev
mailing list