----- Original Message ----- > From: "Florian Weimer" <fweimer@xxxxxxxxxx> > To: security@xxxxxxxxxxxxxxxxxxxxxxx > Sent: Friday, June 6, 2014 10:58:17 AM > Subject: Re: available crypto policies > > On 06/05/2014 04:41 PM, Eric H. Christensen wrote: > > > Who still uses 1024-bit keys? You aren't finding a CA to sign them. > > By default, sshd uses 1024 bits for the protocol 1 ephemeral server key. Isn't version 1 completely broken and you shouldn't use it at all? Just like SSLv2? -- Regards, Hubert Kario Quality Engineer, QE BaseOS Security team Email: hkario@xxxxxxxxxx Web: www.cz.redhat.com Red Hat Czech s.r.o., Purkyňova 99/71, 612 45, Brno, Czech Republic -- security mailing list security@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/security
