Re: keys longer than 1024 bits
- From: Ian Becker <ibecker@xxxxxxxxxxxxxxxx>
- Date: Wed, 13 Sep 2006 17:51:32 -0400
On Wed, Sep 13, 2006 at 02:09:38PM +0000, edbch wrote:
Hello to all.
First they pardon my bad English.
I am attempted to generate keys longer than 1024 bits, but I am not
obtaining. I perceived that in some machines this is possible and in others
not.
It is some problem because of the operational system and some rule or
because of the version of ssh? In the machines that I cannot generate these
keys I use Gentoo Linux and OpenSSH_4.3p2, OpenSSL 0.9.7j. In that I can I
use OpenBSD and OpenSSH_4.1, OpenSSL 0.9.7d. The command to generate the
keys that I used is: ssh-keygen - t dsa - b the 2048 and message of error
that I received is: DSA keys must be 1024 bits.
Somebody knows to explain me because? Debtor since now.
Eduardo
The ssh-keygen manpage says:
-b bits
Specifies the number of bits in the key to create. For RSA
keys, the minimum size is 768 bits and the default is 2048
bits.
Generally, 2048 bits is considered sufficient. DSA keys
must be
exactly 1024 bits as specified by FIPS 186-2.
DSA keys must be exactly 1024 bits, according to the standard. If you
want larger keys, you'll need to make RSA keys instead of DSA keys.
-Ian
--
Ian Becker
ibecker@xxxxxxxxxxxxxxxx
- Follow-Ups:
- Re: keys longer than 1024 bits
- From: edbch
- Re: keys longer than 1024 bits
- From: Thomas R. Jones
- Re: keys longer than 1024 bits
- References:
- keys longer than 1024 bits
- From: edbch
- keys longer than 1024 bits
- Prev by Date: keys longer than 1024 bits
- Next by Date: Re: Ip Phones
- Previous by thread: keys longer than 1024 bits
- Next by thread: Re: keys longer than 1024 bits
- Index(es):
Relevant Pages
|
