diff options
Diffstat (limited to 'ssh-keygen.c')
-rw-r--r-- | ssh-keygen.c | 13 |
1 files changed, 10 insertions, 3 deletions
diff --git a/ssh-keygen.c b/ssh-keygen.c index 5d256a159..3898b281e 100644 --- a/ssh-keygen.c +++ b/ssh-keygen.c | |||
@@ -1,4 +1,4 @@ | |||
1 | /* $OpenBSD: ssh-keygen.c,v 1.328 2019/03/25 15:49:00 dtucker Exp $ */ | 1 | /* $OpenBSD: ssh-keygen.c,v 1.329 2019/03/25 16:19:44 dtucker Exp $ */ |
2 | /* | 2 | /* |
3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> | 3 | * Author: Tatu Ylonen <ylo@cs.hut.fi> |
4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland | 4 | * Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland |
@@ -68,8 +68,15 @@ | |||
68 | #endif | 68 | #endif |
69 | 69 | ||
70 | /* | 70 | /* |
71 | * Default number of bits in the RSA/DSA key. This value can be overridden | 71 | * Default number of bits in the RSA, DSA and ECDSA keys. These value can be |
72 | * on the command line. | 72 | * overridden on the command line. |
73 | * | ||
74 | * These values, with the exception of DSA, provide security equivalent to at | ||
75 | * least 128 bits of security according to NIST Special Publication 800-57: | ||
76 | * Recommendation for Key Management Part 1 rev 4 section 5.6.1. | ||
77 | * For DSA it (and FIPS-186-4 section 4.2) specifies that the only size for | ||
78 | * which a 160bit hash is acceptable is 1kbit, and since ssh-dss specifies only | ||
79 | * SHA1 we limit the DSA key size 1k bits. | ||
73 | */ | 80 | */ |
74 | #define DEFAULT_BITS 3072 | 81 | #define DEFAULT_BITS 3072 |
75 | #define DEFAULT_BITS_DSA 1024 | 82 | #define DEFAULT_BITS_DSA 1024 |