[Bug 1244272] Re: Consider setting ServerKeyBits 768 to 1024

[Colin Watson]

Fixed for my next upload, although note that this setting only applies
to SSH protocol version 1 which is disabled by default anyway and not
normally recommended, so the practical effect on security of most
systems is minimal.

** Changed in: openssh (Ubuntu)
       Status: Triaged => Fix Committed

** Changed in: openssh (Ubuntu)
     Assignee: (unassigned) => Colin Watson (cjwatson)

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1244272

Title:
  Consider setting ServerKeyBits 768 to 1024

Status in “openssh” package in Ubuntu:
  Fix Committed
Status in “openssh” package in Debian:
  New

Bug description:
  Ubuntu 13.10 has the following setting:

  /etc/ssh/sshd_config

  ServerKeyBits 768

  
  Would it be possible to make the default 1024 to add more security benefit:

  ServerKeyBits 1024

  
  1024 is the default in the upstream openssh project and the value used by other mainstream distros.

  http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5

  "
  ServerKeyBits
               Defines the number of bits in the ephemeral protocol version 1
               server key.  The minimum value is 512, and the default is 1024.

  "

  
  $ cat /etc/lsb-release
  DISTRIB_ID=Ubuntu
  DISTRIB_RELEASE=13.10
  DISTRIB_CODENAME=saucy
  DISTRIB_DESCRIPTION="Ubuntu 13.10"


  
  $ dpkg -s openssh-server
  Package: openssh-server
  Status: install ok installed
  Priority: optional
  Section: net
  Installed-Size: 760
  Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
  Architecture: amd64
  Multi-Arch: foreign
  Source: openssh
  Version: 1:6.2p2-6
  Replaces: openssh-client (<< 1:3.8.1p1-11), ssh, ssh-krb5
  Provides: ssh-server

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1244272/+subscriptions