summaryrefslogtreecommitdiffstats
path: root/usr.bin/ssh/ssh-keygen.c
diff options
context:
space:
mode:
Diffstat (limited to 'usr.bin/ssh/ssh-keygen.c')
-rw-r--r--usr.bin/ssh/ssh-keygen.c13
1 files changed, 10 insertions, 3 deletions
diff --git a/usr.bin/ssh/ssh-keygen.c b/usr.bin/ssh/ssh-keygen.c
index fdc074d30ef..b0b1610d22f 100644
--- a/usr.bin/ssh/ssh-keygen.c
+++ b/usr.bin/ssh/ssh-keygen.c
@@ -1,4 +1,4 @@
-/* $OpenBSD: ssh-keygen.c,v 1.328 2019/03/25 15:49:00 dtucker Exp $ */
+/* $OpenBSD: ssh-keygen.c,v 1.329 2019/03/25 16:19:44 dtucker Exp $ */
/*
* Author: Tatu Ylonen <ylo@cs.hut.fi>
* Copyright (c) 1994 Tatu Ylonen <ylo@cs.hut.fi>, Espoo, Finland
@@ -61,8 +61,15 @@
#endif
/*
- * Default number of bits in the RSA/DSA key. This value can be overridden
- * on the command line.
+ * Default number of bits in the RSA, DSA and ECDSA keys. These value can be
+ * overridden on the command line.
+ *
+ * These values, with the exception of DSA, provide security equivalent to at
+ * least 128 bits of security according to NIST Special Publication 800-57:
+ * Recommendation for Key Management Part 1 rev 4 section 5.6.1.
+ * For DSA it (and FIPS-186-4 section 4.2) specifies that the only size for
+ * which a 160bit hash is acceptable is 1kbit, and since ssh-dss specifies only
+ * SHA1 we limit the DSA key size 1k bits.
*/
#define DEFAULT_BITS 3072
#define DEFAULT_BITS_DSA 1024
Copyright © 1996 – 2023 Jason A. Donenfeld. All Rights Reverse Engineered.