[
https://issues.apache.org/jira/browse/SSHD-1100?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17227224#comment-17227224
]
Lyor Goldstein commented on SSHD-1100:
--------------------------------------
{noformat:title=Generate 2048 bit candidates}
ssh-keygen -M generate -O bits=2048 moduli-2048.candidates
{noformat}
{noformat:title=Filter the candidates}
ssh-keygen -M screen -f moduli-2048.candidates moduli-2048
{noformat}
> Update embedded moduli file
> ---------------------------
>
> Key: SSHD-1100
> URL: https://issues.apache.org/jira/browse/SSHD-1100
> Project: MINA SSHD
> Issue Type: Improvement
> Affects Versions: 2.5.1
> Reporter: Lyor Goldstein
> Assignee: Lyor Goldstein
> Priority: Major
>
> In view of
> https://security.stackexchange.com/questions/41941/consequences-of-tampered-etc-ssh-moduli
> and the fact that our current built-in moduli are from 2014 (according to
> their timestamp) perhaps we should generate some new ones...
> See if can also provide an external property indicating which file to load
> (perhaps {{/etc/sshd/moduli}} or similar
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
