I generated 8192-bit RSA host keys after I read this article: https://stribika.github.io/2015/01/04/secure-secure-shell.html
I believe OpenSSH's default is to generate a 2048-bit RSA host key, and that article recommends a 4096-bit key. This is just on my personal box, so I decided to go for broke with an 8192-bit key. Thanks, Stephen On Mon, Feb 9, 2015 at 6:55 AM, Matt Johnston <[email protected]> wrote: > Hi Stephen, > > Looks like a bug, I've only tested with 4096 bit keys. > Probably just MAX_PRIVKEY_SIZE etc needs increasing in > options.h, and some buffer sizes in keyimport.c > > Where did a 8192 bit key come from, out of interest? > > CHeers, > Matt > > On Sun, Feb 08, 2015 at 09:08:17PM -0800, Stephen Kent wrote: > > dropbearconvert seems to crash on large RSA key sizes (the host key > > I'm trying to convert is 8192 bits): > > > > $ openssl rsa -text -noout -in /etc/ssh/ssh_host_rsa_key 2>/dev/null | > head -n 1 > > Private-Key: (8196 bit) > > $ dropbearconvert openssh dropbear "/etc/ssh/ssh_host_rsa_key" > > "./dropbear_rsa_host_key" > > Exited: Bad buf_getwriteptr > > > > dropbearconvert works fine on OpenSSH's default 2048-bit RSA host key. > > > > Is this a bug? If so, is this the proper place to report it or is > > there another procedure I should follow? > > > > (Please CC me on replies as I am not on this list.) > > > > Thanks, > > > > Stephen >
