Difference between revisions of "Key length"
Jump to navigation
Jump to search
↑ https://support.apple.com/en-us/HT210176
Tags: Mobile web edit, Mobile edit |
|||
| (14 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
| + | [[wikipedia:Key length]] | ||
| + | * 2048 bits, default for [[RSA]] keys in [[OpenSSH 4.2]] (2005) | ||
| + | * 1024 bits | ||
| + | * 512 bits | ||
| + | * 256 bits: [[ed25519]] | ||
| + | == [[RSA]] == | ||
| + | * [[macOS 10.15]] (2019) requires that [[TLS]] server certificates and issuing CAs using RSA keys must use [[key size]]s greater than or equal to 2048. <ref>https://support.apple.com/en-us/HT210176</ref> | ||
| + | == [[OpenSSH]] == | ||
[[OpenSSH 7.6]] (October 2017) | [[OpenSSH 7.6]] (October 2017) | ||
* Refuse [[keys length]] <1024 bits in length and improve reporting for keys that do not meet this requirement. | * Refuse [[keys length]] <1024 bits in length and improve reporting for keys that do not meet this requirement. | ||
| − | + | [[OpenSSH 4.2]]: September 1, 2005 https://www.openssh.com/txt/release-4.2 | |
| − | + | * Increase the default size of new [[RSA]]/[[DSA]] keys generated by <code>[[ssh-keygen]]</code> from 1024 to 2048 bits. | |
| − | |||
| − | |||
| − | |||
== Related == | == Related == | ||
| − | * [[Openssh client: Invalid key length]] connecting to a [[Cisco]] device | + | * [[Openssh client]]: <code>[[Openssh client: Invalid key length|Invalid key lenght]]</code> connecting to a [[Cisco]] device |
| + | * [[RSA]], [[Ed25519]] | ||
| + | * <code>[[ssh-keygen]]</code> | ||
== See also == | == See also == | ||
Latest revision as of 10:21, 26 October 2021
- 2048 bits, default for RSA keys in OpenSSH 4.2 (2005)
- 1024 bits
- 512 bits
- 256 bits: ed25519
Contents
RSA[edit]
- macOS 10.15 (2019) requires that TLS server certificates and issuing CAs using RSA keys must use key sizes greater than or equal to 2048. [1]
OpenSSH[edit]
OpenSSH 7.6 (October 2017)
- Refuse keys length <1024 bits in length and improve reporting for keys that do not meet this requirement.
OpenSSH 4.2: September 1, 2005 https://www.openssh.com/txt/release-4.2
- Increase the default size of new RSA/DSA keys generated by
ssh-keygenfrom 1024 to 2048 bits.
Related[edit]
- Openssh client:
Invalid key lenghtconnecting to a Cisco device - RSA, Ed25519
ssh-keygen
See also[edit]
- Public key cryptography,
private key,public key,key length,ssh-keygen,ssh-keyscan, Root certificate, KEX, Generate a key - OpenSSH (changelog):
/etc/ssh/sshd_config|/etc/ssh/ssh_config|~/.ssh/|openSSL | sshd logs|sftp|scp|authorized_keys|ssh-keygen|ssh-keyscan|ssh-add|ssh-agent|ssh|Ssh -O stop|ssh-copy-id|CheckHostIP|UseKeychain, OpenSSF - Public-key cryptography: RSA, DSA, ECDSA, EdDSA (Ed25519), AES, RSA Conference, hash,
pkeyutl, Signature, key length, Easyrsa, OAEP, Ron Rivest, Adi Shamir, Leonard Adleman
Advertising:
