Ubuntu
openssh package

Change the default RSA generation from 2048 to 3072

Bug #1445625 reported by Joey Stanford
26
This bug affects 4 people
Affects Status Importance Assigned to Milestone
openssh (Ubuntu)
Fix Released
Undecided
Unassigned

Bug Description

For security purposes, the Ubuntu Distro should consider changing the default RSA generation from 2048 to 4096. This is a could be a somewhat disruptive change (e.g. accessing older Cisco devices may not work). We should still try to consider this and target this for 16.04.

Revision history for this message
Launchpad Janitor (janitor) wrote :

Status changed to 'Confirmed' because the bug affects multiple users.

Changed in openssh (Ubuntu):
status: New → Confirmed
Revision history for this message
Colin Watson (cjwatson) wrote :

OpenSSH 8.0 changes the default RSA key size to 3072 bits. I think this is sufficient, so we'll follow that.

summary: - Change the default RSA generation from 2048 to 4096
+ Change the default RSA generation from 2048 to 3072
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package openssh - 1:8.0p1-2

---------------
openssh (1:8.0p1-2) experimental; urgency=medium

  * Fix interop tests for recent regress changes.

 -- Colin Watson <email address hidden> Fri, 14 Jun 2019 14:32:12 +0100

Changed in openssh (Ubuntu):
status: Confirmed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.