Yes, I considered re-compiling, but it just seemed like an enormous pain
to have to go through the source and figure out where the key size limit
was. It also occurred to me that I'm likely not the only one with this
problem, but many just didn't understand what the underlying problem
was, and more wouldn't know where to go to talk about addressing it.
95% of the administrators of the world are just going to enable telnet,
and be done with it. You have to remember that one person reporting a
bug or requested feature represents many, many more that never caught
it, or didn't know how to report it, or (as above) found another workaround.
I also tried looking for other clients that might support lower sized
keys. putty seems to blow up because of the buggy ssh implementation of
the server that openSSH kindly deals with. There's some other
implementations that I didn't want to pay for just to see if they worked.
On 12/26/19 8:08 AM, Philipp Marek wrote:
I'd rather not dredge up a big fight, but I _would_ like to express a
desire for some form of overriding the minimum key size.
This can be done by recompiling if necessary. This restriction has been
a pain for me at times but honestly I think it's for the best that it's
been done.
I may be alone with that opinion, but for such things I've always hoped
for a global _variable_ whose location is available as a dynamic symbol
in the ELF - so instead of getting all the sources (and all their
dependencies, resp. the headers etc.) and reconfiguring (with all
required research to get the right options) and recompiling, a 1-minute
session with a hex editor to patch the 2 bytes would be enough...
Yeah, some distributions make recompilation much easier (Debian has
"apt-get source") - but still it's much more work than switching a few
bytes.
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@xxxxxxxxxxx
https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev