Legacy option for key length?

David Newall openssh at davidnewall.com
Sun Dec 31 13:32:47 AEDT 2017

On 30/12/17 09:46, Daniel Kahn Gillmor wrote
> On Thu 2017-12-28 21:31:28 -0800, Dan Mahoney (Gushi) wrote:
>> Why not make minimum key length a tunable, just as the other options 
>> are?
> Because the goal of building secure software is to make it easy to
> answer the question "are you using it securely?"
That answer is wrong.  The suggestion, which allowed that security was 
important, allowed for an option which could only be used by explicitly 
setting it at SSH invocation, so, that means, if you don't use the 
option then you are (maybe) using it securely, and if you do use the 
option, then you are using it in the most secure way possible (because 
you'd only use it when forced to.)

By making it impossible for people to use SSH you are forcing people to 
use less secure software; telnet because they can't use ssh; old, buggy 
versions of ssh because that's what they had to install so that they 
could connect to their industrial equipment.

The answer is also boneheaded:

> remove the devices and replace them with something that is actually 
> well-supported

We'd be better removing arrogance from essential development teams, 
people who think that replacing a world full of expensive and 
functioning equipment is an option.  It's not, and nor should it be.  
That's a disgraceful suggestion and you should be ashamed of yourself.

Browser developers got it badly wrong; let's not join them. The 
suggestion was good because there's a wide-spread need for shorter keys 
and the suggested solution doesn't allow shorter keys unless explicitly 
set per invocation.

More information about the openssh-unix-dev mailing list