Legacy option for key length?

Dan Mahoney (Gushi) danm at prime.gushi.org
Fri Dec 29 16:31:28 AEDT 2017


I occasionally manage some APC PDU devices.  I manage them via a VPN, 
which enforces super-heavy crypto, and their access is restricted to only 
jumphosts and the VPN.  Basically, the only time you need to log into 
these is when you go to reboot something that's down.

Their web UI with SSL doesn't work with modern browsers.
Their CPU is...tiny, and their SSHd implementation is...old (and, I 
believe, proprietary).

I think it defaults to RSA768, and even then, takes a good 15 seconds to 
let you log in.

When trying to SSH to them most recently from a recent copy of MacOS, I 
got the "Invalid Key Length" error.

I googled around for the release note and the source code commit that had 
produced this, and then tried looking for workarounds here: 

After all, since the OpenSSH devs think carefully enough to have a page 
that documents legacy options, for sure they thought of one for this case 
too, right?  It doesn't seem so.

My workaround was, insanely, to fire up a VM with an older version of an 
OS with an older openSSH client.


Why not make minimum key length a tunable, just as the other options are?

In this way, sites with a more strict policy could actually specify it 
(i.e. RSA2048 or better)

Perhaps if you're dead-set on this being so dangerous, you could make it 
so that you could specify a command-line option to accept a lower value 
one time, but you're perhaps not able to override it via the config.




More information about the openssh-unix-dev mailing list