Another minimum key length question

Hello,
I've read the recent "legacy key length" thread and would like to point out one more aspect. 

As I'm using OpenSSH on macOS for quite some time already, I encountered the awesome error message about "invalid key length" since the last High Sierra Update to 10.13.2. 
During my investigations I found out that macOS now uses OpenSSH_7.6p1 and LibreSSL 2.6.2. Looking through the release notes of 7.6p1, it turned out that the forecasted deprecation of RSA keys of length <1024 was executed (before it was 768 bits). Fair.

Moving further, I recognized to my surprise that my private key, which I generated back in April 2016, was created with 1023 bits, according to "openssl rsa -text -noout -in ~/.ssh/id_rsa". From a cryptographic perspective this seems to be totally fine and equal to 1024, as it's all about the interpretation of the most significant bit of the combination of the two 512-bit prime factors (hence it can be 1023, 1024 or 1025).

My question now is, how does OpenSSH interpret this? Does it really mean that any bit smaller than exactly 1024 bit (so 1023 and less) are not accepted anymore? And if so, would it not make more sense to set the limit then to <1023?

Hope this description is quite clear, as I'm not an English native.

rgds

_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev
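
An added example, not part of the original post and not OpenSSH code: it builds RSA moduli from two 512-bit primes, encodes them as `ssh-rsa` public key blobs, and measures the modulus the way a length check would see it. It assumes the check compares the modulus bit length against 1024, the threshold the post cites from the 7.6p1 release notes; `MIN_RSA_BITS` and all function names are illustrative, and the keys are constructed sample data.

```python
import base64, random, struct

MIN_RSA_BITS = 1024  # assumed threshold, taken from the post's description of 7.6p1

def is_probable_prime(n, rng, rounds=16):  # Miller-Rabin, for odd n > 3
    d, s = n - 1, 0
    while d % 2 == 0:
        d, s = d // 2, s + 1
    for _ in range(rounds):
        x = pow(rng.randrange(2, n - 1), d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True

def random_prime(bits, top, rng):
    """Probable prime of `bits` bits whose leading bits are the bit string `top`."""
    free = bits - len(top)
    while True:
        cand = (int(top, 2) << free) | rng.getrandbits(free) | 1
        if is_probable_prime(cand, rng):
            return cand

def mpint(n):  # SSH mpint (RFC 4251): big-endian, zero byte prepended if top bit set
    raw = n.to_bytes(n.bit_length() // 8 + 1, "big")
    return struct.pack(">I", len(raw)) + raw

def modulus_bits(line):
    """Bit length of the modulus in an 'ssh-rsa AAAA...' public key line."""
    blob, fields = base64.b64decode(line.split()[1]), []
    while blob:
        (length,) = struct.unpack(">I", blob[:4])
        fields.append(blob[4:4 + length])
        blob = blob[4 + length:]
    return int.from_bytes(fields[2], "big").bit_length()

def demo(seed=2017):  # maps prime prefix -> (modulus bits, passes the assumed check)
    rng, out = random.Random(seed), {}
    for top in ("11", "100"):  # "11": both primes >= 1.5 * 2^511; "100": both < 1.25 * 2^511
        p, q = random_prime(512, top, rng), random_prime(512, top, rng)
        blob = struct.pack(">I", 7) + b"ssh-rsa" + mpint(65537) + mpint(p * q)
        bits = modulus_bits("ssh-rsa " + base64.b64encode(blob).decode())
        out[top] = (bits, bits >= MIN_RSA_BITS)
    return out
```

`demo()` returns a 1024-bit modulus for primes whose top two bits are set and a 1023-bit modulus for primes starting `100`, so a strict 1024-bit minimum accepts the first key and rejects the second even though both are built from 512-bit primes.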


