Legacy option for key length?

Haven Tristan Hash havenster at gmail.com
Tue Jan 2 18:16:16 AEDT 2018


>
> I think zero.


That seems like a pretty untenable position.

Note that a less extreme stance than this (0!) still led OpenSSL to support
VMS, Netware and 16-bit Windows into 2014 and beyond. Creating a larger,
more complex codebase which contributed to security problems. Security
being the entire point, this was deemed by others (OpenBSD from whence
comes this very OpenSSH) to be counter-productive. OpenBSD then forked and
removed said support. So their philosophy on removing insecure baggage is
pretty clear and consistent.

It seems like you grant the point that the 768 bit keys are insecure and
you don't mind, in which case you likely already have an easily accesible
command line option to access these devices called telnet.


More information about the openssh-unix-dev mailing list