Package: telnetd-ssl Version: 0.17.41+0.2-3.1 Severity: normal Dear Maintainer,
I installed telnetd-ssl. It generated a key and self-signed certificate in /etc/telnetd-ssl/telnetd.pem, which has 1024 bit RSA key. This caused an error when attempting to connect: $ telnet localhost Trying 127.0.0.1... Connected to localhost. Escape character is '^]'. Error loading CRT /etc/telnetd-ssl/telnetd.pem: SSL_CTX_use_certificate, ee key too small do_ssleay_init() failed 140636104001344:error:140AB18F:SSL routines:SSL_CTX_use_certificate:ee key too small:../ssl/ssl_rsa.c:310: Connection closed by foreign host. I can see that there's a generated cnf file too, which includes the line default_bits = 1024 -- System Information: Debian Release: buster/sid APT prefers unstable APT policy: (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.19.0-1-amd64 (SMP w/16 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) LSM: AppArmor: enabled Versions of packages telnetd-ssl depends on: ii adduser 3.118 ii libc6 2.28-5 ii libssl1.1 1.1.1a-1 ii openbsd-inetd [inet-superserver] 0.20160825-3 ii openssl 1.1.1a-1 ii passwd 1:4.5-1.1 telnetd-ssl recommends no packages. telnetd-ssl suggests no packages. -- no debconf information

