Hi all, I allways have to edit the sshd.init file so that the sshd server keys generates keys with the correct number of bits.
I know that RSA1 is max 1024, and DSA is 2048 and that is default values, but RSA2 can do 2048 too, and _that's_ not default. The attached patch fixes and clarifies this. Chears. -- -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- | Oden Eriksson, Deserve-IT Networks, Jokkmokk, Sweden. | Mandrake Linux release 8.2 (Cooker) for i586 | Current uptime with kernel 2.4.12-5mdksmp: 13:10 | cpu0 @ 799.53 bm, fan 4383 rpm, temp +29.0°C | cpu1 @ 801.17 bm, fan 4470 rpm, temp +28°C
--- sshd.init Thu Oct 4 14:26:00 2001 +++ sshd.init.oden Sun Oct 28 15:12:33 2001 @@ -32,7 +32,7 @@ do_rsa1_keygen() { if [ ! -s $RSA1_KEY ]; then echo -n $"Generating SSH1 RSA host key: " - if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then + if $KEYGEN -q -b 1024 -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then chmod 600 $RSA1_KEY chmod 644 $RSA1_KEY.pub success $"RSA1 key generation" @@ -48,7 +48,7 @@ do_rsa_keygen() { if [ ! -s $RSA_KEY ]; then echo -n $"Generating SSH2 RSA host key: " - if $KEYGEN -q -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then + if $KEYGEN -q -b 2048 -t rsa -f $RSA_KEY -C '' -N '' >&/dev/null; then chmod 600 $RSA_KEY chmod 644 $RSA_KEY.pub success $"RSA key generation" @@ -64,7 +64,7 @@ do_dsa_keygen() { if [ ! -s $DSA_KEY ]; then echo -n $"Generating SSH2 DSA host key: " - if $KEYGEN -q -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then + if $KEYGEN -q -b 2048 -t dsa -f $DSA_KEY -C '' -N '' >&/dev/null; then chmod 600 $DSA_KEY chmod 644 $DSA_KEY.pub success $"DSA key generation"