On Thursdayen den 25 April 2002 16.16, Florin wrote: > [EMAIL PROTECTED] (Oden Eriksson) writes: > > Hi, > > > > Could we please apply this to the openssh-server package?
[snip] > according to the man page, key sizes longer than 1024 "no longer improve > security but make things slower. The default is 1024 bits." > > is it really worth it tyo use 2048, I wonder ? Yes I think so, since the RSA crypto has been cracked for some time now. I'm no crypto expert but I rather play safe... I think we should use the mesures given to improve security. If you don't want to use more than 1024 bits, don't, just change "Protocol 2,1" to "Protocol 1,2" in "sshd_config" or check the man page for ssh. At present with the current Mandrake package the default is to use protocol v2, RSA2 1024 bits. So what's the point to default to SSH protocol v2, and having two 1024 bits keys hanging around. -- Regards // Oden Eriksson
