Question about ssh-keygen -a rounds
raf
ssh at raf.org
Wed Jul 15 11:37:43 AEST 2020
Hi,
man ssh-keygen says:
-a rounds
When saving a private key, this option specifies
the number of KDF (key derivation function) rounds used.
Higher numbers result in slower passphrase verification
and increased resistance to brute-force password cracking
(should the keys be stolen).
What constitutes "Higher" here? Is 100 high or is 100000 high?
What's the default number of rounds in the absence of the -a option?
Could the default value be added to the manpage?
cheers,
raf
More information about the openssh-unix-dev
mailing list