upstream commit

refuse to generate or accept RSA keys smaller than 1024 bits; feedback and ok dtucker@ Upstream-ID: 7ea3d31271366ba264f06e34a3539bf1ac30f0ba
author: djm@openbsd.org <djm@openbsd.org> 2015-07-03 03:49:45 +0000
committer: Damien Miller <djm@mindrot.org> 2015-07-15 15:36:02 +1000
commit: 933935ce8d093996c34d7efa4d59113163080680 (patch)
tree: 7c2df1bfff8ab967e52436d649a420fc20ba80c6 /ssh-keygen.1
parent: bdfd29f60b74f3e678297269dc6247a5699583c1 (diff)
1 files changed, 3 insertions, 3 deletions
diff --git a/ssh-keygen.1 b/ssh-keygen.1
index 9b93666c9..8c3317be7 100644
--- a/ssh-keygen.1
+++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
-.\"     $OpenBSD: ssh-keygen.1,v 1.125 2015/02/24 15:24:05 naddy Exp $
+.\"     $OpenBSD: ssh-keygen.1,v 1.126 2015/07/03 03:49:45 djm Exp $
 .\"
 .\" Author: Tatu Ylonen <ylo@cs.hut.fi>
 .\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
 .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
 .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 .\"
-.Dd $Mdocdate: February 24 2015 $
+.Dd $Mdocdate: July 3 2015 $
 .Dt SSH-KEYGEN 1
 .Os
 .Sh NAME
@@ -244,7 +244,7 @@ This option specifies the number of primality tests to perform.
 Show the bubblebabble digest of specified private or public key file.
 .It Fl b Ar bits
 Specifies the number of bits in the key to create.
-For RSA keys, the minimum size is 768 bits and the default is 2048 bits.
+For RSA keys, the minimum size is 1024 bits and the default is 2048 bits.
 Generally, 2048 bits is considered sufficient.
 DSA keys must be exactly 1024 bits as specified by FIPS 186-2.
 For ECDSA keys, the
author	djm@openbsd.org <djm@openbsd.org>	2015-07-03 03:49:45 +0000
committer	Damien Miller <djm@mindrot.org>	2015-07-15 15:36:02 +1000
commit	933935ce8d093996c34d7efa4d59113163080680 (patch)
tree	7c2df1bfff8ab967e52436d649a420fc20ba80c6 /ssh-keygen.1
parent	bdfd29f60b74f3e678297269dc6247a5699583c1 (diff)

diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 9b93666c9..8c3317be7 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1
@@ -1,4 +1,4 @@
1	.\" $OpenBSD: ssh-keygen.1,v 1.125 2015/02/24 15:24:05 naddy Exp $	1	.\" $OpenBSD: ssh-keygen.1,v 1.126 2015/07/03 03:49:45 djm Exp $
2	.\"	2	.\"
3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>	3	.\" Author: Tatu Ylonen <ylo@cs.hut.fi>
4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland	4	.\" Copyright (c) 1995 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -35,7 +35,7 @@
35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF	35	.\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF
36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.	36	.\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
37	.\"	37	.\"
38	.Dd $Mdocdate: February 24 2015 $	38	.Dd $Mdocdate: July 3 2015 $
39	.Dt SSH-KEYGEN 1	39	.Dt SSH-KEYGEN 1
40	.Os	40	.Os
41	.Sh NAME	41	.Sh NAME
@@ -244,7 +244,7 @@ This option specifies the number of primality tests to perform.
244	Show the bubblebabble digest of specified private or public key file.	244	Show the bubblebabble digest of specified private or public key file.
245	.It Fl b Ar bits	245	.It Fl b Ar bits
246	Specifies the number of bits in the key to create.	246	Specifies the number of bits in the key to create.
247	For RSA keys, the minimum size is 768 bits and the default is 2048 bits.	247	For RSA keys, the minimum size is 1024 bits and the default is 2048 bits.
248	Generally, 2048 bits is considered sufficient.	248	Generally, 2048 bits is considered sufficient.
249	DSA keys must be exactly 1024 bits as specified by FIPS 186-2.	249	DSA keys must be exactly 1024 bits as specified by FIPS 186-2.
250	For ECDSA keys, the	250	For ECDSA keys, the