Package: openssh-server
Version: all

During installation (or maybe the first startup, I'm not sure), the 
openssh-server generates 1024-bit DSA keys. This key length is no longer 
considered secure and therefore should be disabled, or created with a longer 
key length.

However, not all SSH implementations support DSA keys longer than 1024 bits, so 
I suggest disabling DSA key generation.

According to NIST, 1024-bit keys are disallowed after 2013, see: 
http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf


This bug is somehow related to 
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481133 , but it's not a 
duplicate.

Thank you,

Stefan Safar
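
Added example, not part of the original report: a check for the condition the report describes, reading `ssh-keygen -l` fingerprint listings and flagging DSA host keys and short RSA keys. The function names, the flagging policy (any DSA key, RSA of 1024 bits or fewer) and the sample listing are assumptions made for this example.

```shell
#!/bin/sh
# Added example: flag weak host keys in `ssh-keygen -l` output.
# Each input line: "<bits> <fingerprint> <comment...> (<TYPE>)".
# Assumed policy, following the report: any DSA key is flagged,
# and RSA keys of 1024 bits or fewer are flagged.

flag_weak_host_keys() {
    awk '
    NF >= 3 {
        bits = $1 + 0
        type = $NF                 # key type is the last field
        gsub(/[()]/, "", type)     # "(DSA)" -> "DSA"
        if (type == "DSA" || (type == "RSA" && bits <= 1024))
            printf "WEAK %s %d %s\n", type, bits, $2
    }'
}

# Constructed sample listing (fingerprints are placeholders).
sample_listing() {
    cat <<'EOF'
1024 SHA256:CONSTRUCTED-dsa-fingerprint root@host (DSA)
2048 SHA256:CONSTRUCTED-rsa-fingerprint root@host (RSA)
1024 SHA256:CONSTRUCTED-oldrsa-fingerprint root@old host (RSA)
256 SHA256:CONSTRUCTED-ecdsa-fingerprint root@host (ECDSA)
EOF
}

sample_listing | flag_weak_host_keys

# On a real server, feed it the installed host keys instead:
#   for f in /etc/ssh/ssh_host_*_key.pub; do ssh-keygen -l -f "$f"; done \
#       | flag_weak_host_keys
```

The bit-length test is applied only to DSA and RSA, since ECDSA and Ed25519 report small bit counts that are not comparable.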
