Consider setting ServerKeyBits 768 to 1024
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openssh (Debian) |
Fix Released
|
Unknown
|
|||
openssh (Ubuntu) |
Fix Released
|
Medium
|
Colin Watson |
Bug Description
Ubuntu 13.10 has the following setting:
/etc/ssh/
ServerKeyBits 768
Would it be possible to make the default 1024 to add more security benefit:
ServerKeyBits 1024
1024 is the default in the upstream openssh project and the value used by other mainstream distros.
http://
"
ServerKeyBits
server key. The minimum value is 512, and the default is 1024.
"
$ cat /etc/lsb-release
DISTRIB_ID=Ubuntu
DISTRIB_
DISTRIB_
DISTRIB_
$ dpkg -s openssh-server
Package: openssh-server
Status: install ok installed
Priority: optional
Section: net
Installed-Size: 760
Maintainer: Ubuntu Developers <email address hidden>
Architecture: amd64
Multi-Arch: foreign
Source: openssh
Version: 1:6.2p2-6
Replaces: openssh-client (<< 1:3.8.1p1-11), ssh, ssh-krb5
Provides: ssh-server
Changed in openssh (Debian): | |
status: | Unknown → New |
Changed in openssh (Debian): | |
status: | New → Fix Committed |
Changed in openssh (Debian): | |
status: | Fix Committed → Fix Released |
Thank you for taking the time to report this bug and helping to make Ubuntu better.
I've checked and it looks like this also applies to Debian. I have filed a bug there.