Here is a set of patches that add functionality to rc.conf allowing users an easy way to control the length of the host keys used with ssh (specifically RSA and ECDSA used with protocol version 2).
I would like to also discuss the merits of changing FreeBSD's default behavior to using 4096-bit RSA keys and 521-bit ECDSA keys. I have refrained from changing FreeBSD's default behavior in these patches and stuck to just adding configurability. Please let me know if you see any problems with these patches.
Attachments: rc.conf.5.diff, rc.conf.diff, sshd.diff
freebsd-security@freebsd.org mailing list: http://lists.freebsd.org/mailman/listinfo/freebsd-security