OpenSSH: how to disallow weak (<2048 bits) RSA keys

Are there any configs for OpenSSH server to disallow weak (e.g. <2048 bits) RSA keys? I'm aware of PubkeyAcceptedKeyTypes which can disallow specific key types, incl. ssh-rsa, as a whole.
asked Feb 25 at 14:30
nodakai
  • This is an interesting question.
    – Pedro
    Mar 1 at 21:37
1 Answer
I can't see it would be run-time configurable, but you could change the compile-time definition of SSH_RSA_MINIMUM_MODULUS_SIZE in sshkey.h and recompile:

#define SSH_RSA_MINIMUM_MODULUS_SIZE 1024

to

#define SSH_RSA_MINIMUM_MODULUS_SIZE 2048

Either that, or just don't install keys that are shorter. It might be possible to scan the users' authorized_keys files for keys that are shorter than that, at least if we accept the length of the encoded key as an indicator of the length of the actual key.

The encoding for a 2048 bit RSA key seems to be 372 characters long, so something like this might match shorter keys:

grep -E 'ssh-rsa [a-zA-Z0-9+/=]{,371}( |$)' file...
        answered Feb 25 at 14:51
        ilkkachu
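As an added example (not part of the original question or answer, and not OpenSSH's own code), the following Python script does the authorized_keys audit the answer sketches, but measures the modulus itself instead of counting base64 characters. It decodes each ssh-rsa blob and walks the RFC 4253 wire format (string "ssh-rsa", mpint e, mpint n), skips a leading options field the way sshd does, and reports non-RSA and malformed lines separately. The sample file and the RSA moduli in it are constructed for the demonstration (numbers of the right bit length, not products of primes); the threshold of 2048 bits is the question's bar, not an OpenSSH default. It also shows the granularity limit of the length heuristic: a constructed 2040-bit modulus encodes to the same 372 characters as a 2048-bit one, so the grep above would let it through while the parser flags it.

```python
import base64
import struct

# Policy threshold from the question; OpenSSH's compile-time floor in the
# version the answer quotes is SSH_RSA_MINIMUM_MODULUS_SIZE = 1024.
MIN_RSA_BITS = 2048

# Leading tokens of the public key types sshd accepts in authorized_keys.
KEY_TYPE_PREFIXES = ("ssh-rsa", "ssh-dss", "ssh-ed25519", "ecdsa-sha2-", "sk-")


def _read_string(blob, off):
    """Read one RFC 4253 'string' (uint32 big-endian length, then bytes) at off."""
    if off + 4 > len(blob):
        raise ValueError("truncated length field")
    (n,) = struct.unpack(">I", blob[off:off + 4])
    off += 4
    if off + n > len(blob):
        raise ValueError("truncated string body")
    return blob[off:off + n], off + n


def rsa_modulus_bits(b64_blob):
    """Return the modulus bit length of an ssh-rsa blob (string "ssh-rsa", mpint e, mpint n).

    Raises ValueError for anything else, including RSA certificates and bad base64."""
    blob = base64.b64decode(b64_blob, validate=True)  # binascii.Error is a ValueError
    ktype, off = _read_string(blob, 0)
    if ktype != b"ssh-rsa":
        raise ValueError(f"blob type is {ktype!r}, not ssh-rsa")
    _e, off = _read_string(blob, off)
    n, off = _read_string(blob, off)
    if off != len(blob):
        raise ValueError("trailing bytes after modulus")
    # mpint is big-endian two's complement: a modulus whose top bit is set carries a
    # leading 0x00 byte, which bit_length() on the integer value ignores for us.
    return int.from_bytes(n, "big").bit_length()


def _strip_options(line):
    """Skip an options field (comma list, quoted values may contain spaces), as sshd does."""
    i, in_quote = 0, False
    while i < len(line):
        c = line[i]
        if in_quote and c == "\\":
            i += 2  # escaped character inside a quoted option value
            continue
        if c == '"':
            in_quote = not in_quote
        elif c.isspace() and not in_quote:
            break
        i += 1
    return line[i:].lstrip()


def _key_fields(line):
    """Return (keytype, base64, comment) for one authorized_keys line."""
    for candidate in (line, _strip_options(line)):
        parts = candidate.split(None, 2)
        if len(parts) >= 2 and parts[0].startswith(KEY_TYPE_PREFIXES):
            return parts[0], parts[1], (parts[2] if len(parts) == 3 else "")
    raise ValueError("no key field found")


def scan_authorized_keys(text, min_bits=MIN_RSA_BITS):
    """Classify each key line as ok / weak-rsa / not-rsa / unparseable.

    Returns [(line_number, status, detail)]; blank and comment lines are skipped."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        try:
            ktype, b64, comment = _key_fields(line)
            if ktype != "ssh-rsa":
                findings.append((line_no, "not-rsa", ktype))
                continue
            bits = rsa_modulus_bits(b64)
        except ValueError as exc:
            findings.append((line_no, "unparseable", str(exc)))
            continue
        status = "weak-rsa" if bits < min_bits else "ok"
        findings.append((line_no, status, f"{bits}-bit {comment}".strip()))
    return findings


# --- constructed sample input (assumption: synthetic keys, not real ones) ---

def _ssh_string(b):
    return struct.pack(">I", len(b)) + b


def _mpint(x):
    b = x.to_bytes((x.bit_length() + 7) // 8, "big")
    return b"\x00" + b if b[0] & 0x80 else b


def make_rsa_blob(modulus_bits, e=65537):
    """Wire-format ssh-rsa blob around a synthetic modulus: right size, not a real key."""
    n = (1 << (modulus_bits - 1)) | 1
    blob = _ssh_string(b"ssh-rsa") + _ssh_string(_mpint(e)) + _ssh_string(_mpint(n))
    return base64.b64encode(blob).decode()


ED25519_BLOB = base64.b64encode(_ssh_string(b"ssh-ed25519") + _ssh_string(bytes(32))).decode()

SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# constructed sample; every key below is synthetic",
    f"ssh-rsa {make_rsa_blob(2048)} alice@example",
    f"ssh-rsa {make_rsa_blob(1024)} bob@example",
    f'command="/usr/bin/rrsync /srv/backup",no-pty ssh-rsa {make_rsa_blob(1024)} backup@example',
    f"ssh-rsa {make_rsa_blob(2040)} eve@example",  # encodes to 372 chars, same as 2048-bit
    f"ssh-ed25519 {ED25519_BLOB} carol@example",
    "ssh-rsa not-base64!! dave@example",
])

if __name__ == "__main__":
    for line_no, status, detail in scan_authorized_keys(SAMPLE_AUTHORIZED_KEYS):
        print(f"line {line_no}: {status:<11} {detail}")
```

Point the scanner at real files by reading them into `scan_authorized_keys`; on a host with OpenSSH installed, `ssh-keygen -lf ~/.ssh/authorized_keys` is the quickest manual cross-check, since it prints the bit length of every key in the file. The parser treats a declared `ssh-rsa` line whose blob is actually an RSA certificate as unparseable rather than guessing, and it only rejects what it can prove is short. Note also that this thread dates from early 2018; OpenSSH 9.1 and later provide a run-time `RequiredRSASize` option for sshd_config, which removes the need for the recompile on those versions, so the audit above is mainly for keys already installed on older hosts.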