sshd (key length)

Moritz · 2003-01-27 13:08:51

Hey guys!

I've read in a german linux magazin, that 1024-bit keys for ssh are not longer secure.
They recommend for privat people 1280bit, for bussines 1536bit and for governments 2048bit.
The default auf the "ssh-keygen" is 1024 and the sshd start/stop/restart scripts uses the "ssh-keygen"-default.
So if you don't make you're own key, you'll get 1024bit key... i know, this is not "really" insecure, but it might be interesting for users who need ssh!

Regards,
Moritz

apeiro · 2003-01-27 19:45:39

http://www.networkcomputing.com/buzzcut/020412bc.html

They're not insecure yet, per se. But in due time they will be. Something for sysadmins to note.

pilotkeller · 2012-01-13 15:56:26

When it comes to any security it is honestly all a numbers game. For example, the only reason we should be using passwords of upper, lower, numerical, and symbol characters, with a length greater than 20, is that an offline brute force these days that is distributed over a large (+10,000 nodes) botnet is easily capable of testing roughly 10^20 passwords per second (This is my personal estimate; It is not really a fact and is easily open for debate). So really the longer any authenticating token is, the better. However it goes without saying that it still needs to be usable as a consequence (A 1Tb (Terabit) key is likely a very dumb choice... For now).

fsckd · 2012-01-13 17:12:43

Hello pilotkeller, welcome to the forums. I'd like to ask you for a favor. Can you see the datestamps on the other posts? It says 2003-01-27 for both of them. Now, please read Forum Etiquette: Necro-Bumping. Thank you.
Closing.

Arch Linux

#1 2003-01-27 13:08:51

sshd (key length)

#2 2003-01-27 19:45:39

Re: sshd (key length)

#3 2012-01-13 15:56:26

Re: sshd (key length)

#4 2012-01-13 17:12:43

Re: sshd (key length)

Board footer