diff options
author | dtucker@openbsd.org <dtucker@openbsd.org> | 2019-03-25 16:19:44 +0000 |
---|---|---|
committer | Damien Miller <djm@mindrot.org> | 2019-03-26 10:20:22 +1100 |
commit | 26e0cef07b04479537c971dec898741df1290fe5 (patch) | |
tree | 92ffb5fca20714d36d0988527042c4aa483e987a | |
parent | f47269ea67eb4ff87454bf0d2a03e55532786482 (diff) |
upstream: Expand comment to document rationale for default key
sizes. "seems worthwhile" deraadt.
OpenBSD-Commit-ID: 72e5c0983d7da1fb72f191870f36cb58263a2456
-rw-r--r-- | ssh-keygen.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index 5d256a15..3898b281 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssh-keygen.c,v 1.328 2019/03/25 15:49:00 dtucker Exp $ */ +/* $OpenBSD: ssh-keygen.c,v 1.329 2019/03/25 16:19:44 dtucker Exp $ */ /* * Author: Tatu Ylonen <ylo@cs.hut.fi> * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland @@ -68,8 +68,15 @@ #endif /* - * Default number of bits in the RSA/DSA key. This value can be overridden - * on the command line. + * Default number of bits in the RSA, DSA and ECDSA keys. These value can be + * overridden on the command line. + * + * These values, with the exception of DSA, provide security equivalent to at + * least 128 bits of security according to NIST Special Publication 800-57: + * Recommendation for Key Management Part 1 rev 4 section 5.6.1. + * For DSA it (and FIPS-186-4 section 4.2) specifies that the only size for + * which a 160bit hash is acceptable is 1kbit, and since ssh-dss specifies only + * SHA1 we limit the DSA key size 1k bits. */ #define DEFAULT_BITS 3072 #define DEFAULT_BITS_DSA 1024 |