Add rc.conf variables to control host key length

Robert Simmons rsimmons0 at gmail.com
Sun Jun 24 16:07:31 UTC 2012


Here is a set of patches that add functionality to rc.conf allowing
users an easy way to control the length of the host keys used with ssh
(specifically RSA and ECDSA used with protocol version 2).

I would like to also discuss the merits of changing FreeBSD's default
behavior to using 4096 bit RSA keys and 521 bit ECDSA keys.

I have refrained from changing FreeBSD's default behavior in these
patches and stuck to just adding configurability.

Please let me know if you see any problems with these patches.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rc.conf.5.diff
Type: application/octet-stream
Size: 1188 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20120624/6228f990/rc.conf.5.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: rc.conf.diff
Type: application/octet-stream
Size: 624 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20120624/6228f990/rc.conf.obj
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sshd.diff
Type: application/octet-stream
Size: 756 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-security/attachments/20120624/6228f990/sshd.obj

