Re: OpenSSH: SSH2 sshd - Increase key size from 2048 to 8192 bits (Cygwin)
- From: "Richard E. Silverman" <res@xxxxxxxx>
- Date: 19 Aug 2007 18:23:28 -0400
"DT" == Darren Tucker <dtucker@xxxxxxxxxxxxxxxx> writes:
DT> On 2007-08-15, Simon Tatham <anakin@xxxxxxxxx> wrote:
>> I don't know of a way in OpenSSH to configure the group size used
>> in Diffie-Hellman exchanges.
DT> You can't directly, but one thing you can do is remove the smaller
DT> groups from the "moduli" file on the server.
DT> When the client asks for a DH group, sshd searches the moduli file
DT> for groups and picks one at random from the set at least as large
DT> as what the client requested. If there's no small (eg 1k, 1.5k)
DT> keys, then sshd will always use larger ones.
Small note: this will only work if the connection uses the "group
exchange" key exchange method; it might use one of the fixed-group
exchanges intead...
--
Richard Silverman
res@xxxxxxxx
.
- References:
- OpenSSH: SSH2 sshd - Increase key size from 2048 to 8192 bits (Cygwin)
- From: purpmint008
- Re: OpenSSH: SSH2 sshd - Increase key size from 2048 to 8192 bits (Cygwin)
- From: Simon Tatham
- Re: OpenSSH: SSH2 sshd - Increase key size from 2048 to 8192 bits (Cygwin)
- From: Darren Tucker
- OpenSSH: SSH2 sshd - Increase key size from 2048 to 8192 bits (Cygwin)
- Prev by Date: Re: OpenSSH: SSH2 sshd - Increase key size from 2048 to 8192 bits (Cygwin)
- Next by Date: SSH - Limiting Simultaneous Connections Per User Account
- Previous by thread: Re: OpenSSH: SSH2 sshd - Increase key size from 2048 to 8192 bits (Cygwin)
- Next by thread: SCP only user? (untrusted user, my mother)
- Index(es):
