Legacy option for key length?
David Newall
openssh at davidnewall.com
Tue Jan 2 13:15:56 AEDT 2018
On 02/01/18 11:38, Damien Miller wrote:
> If you think this is overly parentalistic and that an experienced
> admin is the one best equipped to assess risk, then I'd direct said
> experienced admin to the the SSH_RSA_MINIMUM_MODULUS_SIZE definition in
> sshkey.h that they can adjust themselves.
It is overly paternalistic, to use your word, because it's saying that
the user can't be trusted to not use a weak cipher in only those cases
where that's the only cipher available. It's saying that the only
acceptable access to said industrial equipment is no access.
More information about the openssh-unix-dev
mailing list