On 24. Jun 2012, at 16:07, Robert Simmons wrote:

> Here is a set of patches that add functionality to rc.conf allowing
> users an easy way to control the length of the host keys used with ssh
> (specifically RSA and ECDSA used with protocol version 2).

Created for, not used with -- right? The used with is controlled in sshd_config and if the key is not there but it's enabled in sshd_config you'll get a warning on boot which is very annoying.

> I would like to also discuss the merits of changing FreeBSD's default
> behavior to using 4096 bit RSA keys and 521 bit ECDSA keys.
>
> I have refrained from changing FreeBSD's default behavior in these
> patches and stuck to just adding configurability.

Do we differ from what the OpenSSH defaults are?

/bz

--
Bjoern A. Zeeb
You have to have visions!
It does not matter how good you are. It matters what good you do!