Jason McIntyre <j...@kerhand.co.uk> wrote: > > While making a self-signed key for use with Apache I noticed that the > > FAQ recommends deprecated crypto (RSA-1024 and SHA1). I chose instead > > RSA-4096 and sha256. A couple patches for the website and manual page > > are below. > > changes committed, thanks.
RSA-4096 is really excessive. RSA-2048 is the general recommendation and what we use by default for SSH and IKE host keys. -- Christian "naddy" Weisgerber na...@mips.inka.de