https://bugzilla.mindrot.org/show_bug.cgi?id=2666
Petr Bodnar <[email protected]> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |[email protected]

--- Comment #3 from Petr Bodnar <[email protected]> ---
(In reply to stefan.ss from comment #2)
> need this option also to allow again previous RSA minimum size
> default 768.
>
> I know 768 is too small for security,
> _but_ old puttygen version creates in ~50% RSA keys with 1023 bits,
> when using with the default of requested size 1024.
>
> SSH_RSA_MINIMUM_MODULUS_SIZE was increased to 1024, so public key
> login no longer works with old public keys.
>
> so enforced to stay on old openssh server version (7.4).
> Cannot distribute new keys for this accounts.

100% agreed and voting for this issue resolution.

It is also questionable and maybe for a separate bug (?) why the hard-coded limit was not set to 1023 when it is known that PuTTYgen randomly generates(-ed) shorter keys when 1024 is (was) requested. See this quote regarding 1023 key size from its old, but most probably still valid [documentation](https://the.earth.li/~sgtatham/putty/0.61/htmldoc/Chapter8.html):

> This is perfectly normal, and you do not need to worry. The lengths should
> only ever differ by one, and there is no perceptible drop in security as a
> result.
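To find which stored keys fall under the limit discussed in this comment, the following added example (not part of the original message and not OpenSSH code) parses `ssh-rsa` public key lines and reports the true modulus bit length. The function names are hypothetical, and the sample lines are constructed with placeholder moduli rather than real keys.

```python
import base64
import struct

SSH_RSA_MINIMUM_MODULUS_SIZE = 1024  # limit named in the bug comment


def _field(blob, off):
    """Read one length-prefixed SSH wire field; return (bytes, next offset)."""
    if off + 4 > len(blob):
        raise ValueError("truncated length")
    (size,) = struct.unpack_from(">I", blob, off)
    if off + 4 + size > len(blob):
        raise ValueError("truncated field")
    return blob[off + 4:off + 4 + size], off + 4 + size


def rsa_modulus_bits(line):
    """True modulus bit length of an ssh-rsa public key line, None if not RSA."""
    tokens = line.split()
    if "ssh-rsa" not in tokens[:-1]:
        return None
    blob = base64.b64decode(tokens[tokens.index("ssh-rsa") + 1], validate=True)
    key_type, off = _field(blob, 0)
    if key_type != b"ssh-rsa":
        raise ValueError("key type mismatch")
    _exponent, off = _field(blob, off)
    modulus, _ = _field(blob, off)
    return int.from_bytes(modulus, "big").bit_length()  # ignores the mpint pad byte


def audit(lines, minimum=SSH_RSA_MINIMUM_MODULUS_SIZE):
    """Return [(line number, bits)] for RSA keys shorter than `minimum`."""
    short = []
    for number, line in enumerate(lines, 1):
        bits = None if line.lstrip().startswith("#") else rsa_modulus_bits(line)
        if bits is not None and bits < minimum:
            short.append((number, bits))
    return short


def _sample(bits, comment):
    """Constructed test line: placeholder modulus with exactly `bits` bits."""
    enc = lambda raw: struct.pack(">I", len(raw)) + raw
    mpint = lambda v: enc(v.to_bytes(v.bit_length() // 8 + 1, "big"))
    blob = enc(b"ssh-rsa") + mpint(65537) + mpint((1 << (bits - 1)) | 1)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment

SAMPLE = [_sample(1024, "new@host"), _sample(1023, "old-puttygen@host"),
          "# constructed comment line", _sample(768, "legacy@host")]
```

Calling `audit(SAMPLE)` flags the 1023-bit and 768-bit lines; with `minimum=1023` only the 768-bit line is flagged. The simple whitespace split assumes any `authorized_keys` options prefix does not itself contain an `ssh-rsa` token.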
