[Bug 2666] New: Ability to specify minimum RSA key size for user keys

bugzilla-daemon Fri, 20 Jan 2017 23:12:04 -0800

https://bugzilla.mindrot.org/show_bug.cgi?id=2666


            Bug ID: 2666
           Summary: Ability to specify minimum RSA key size for user keys
           Product: Portable OpenSSH
           Version: -current
          Hardware: All
                OS: All
            Status: NEW
          Severity: enhancement
          Priority: P5
         Component: sshd
          Assignee: [email protected]
          Reporter: [email protected]

The `PubkeyAcceptedKeyTypes' sshd_config(5) option allows a system
administrator to restrict the kinds of keys that can be used by users
to log in to the system; and they can disable e.g.
`ecdsa-sha2-nistp256' and `ecdsa-sha2-nistp384' while still allowing
`ecdsa-sha2-nistp521', but they cannot restrict the RSA key size if
they allow `ssh-rsa'.

This bug is a feature request for a `PubkeyAcceptedRSAMinKeySize'
option (or similar naming).

If a user attempts to login with a e.g. 2048-bit RSA key, and this is
set to something higher than 2048, the user should be denied access.

-- 
You are receiving this mail because:
You are watching the assignee of the bug.
_______________________________________________
openssh-bugs mailing list
[email protected]
https://lists.mindrot.org/mailman/listinfo/openssh-bugs

[Bug 2666] New: Ability to specify minimum RSA key size for user keys

Reply via email to