From d7c6e38b87efab1f140745fd8b1106b82e6e4a68 Mon Sep 17 00:00:00 2001 From: "dtucker@openbsd.org" Date: Fri, 19 Apr 2019 05:47:44 +0000 Subject: [PATCH] upstream: Document new default RSA key size. From sebastiaanlokhorst at gmail.com via bz#2997. OpenBSD-Commit-ID: bdd62ff5d4d649d2147904e91bf7cefa82fe11e1 --- ssh-keygen.1 | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) diff --git a/ssh-keygen.1 b/ssh-keygen.1 index 124456577..f29774249 100644 --- a/ssh-keygen.1 +++ b/ssh-keygen.1 @@ -1,4 +1,4 @@ -.\" $OpenBSD: ssh-keygen.1,v 1.157 2019/03/05 16:17:12 naddy Exp $ +.\" $OpenBSD: ssh-keygen.1,v 1.158 2019/04/19 05:47:44 dtucker Exp $ .\" .\" Author: Tatu Ylonen .\" Copyright (c) 1995 Tatu Ylonen , Espoo, Finland @@ -35,7 +35,7 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.Dd $Mdocdate: March 5 2019 $ +.Dd $Mdocdate: April 19 2019 $ .Dt SSH-KEYGEN 1 .Os .Sh NAME @@ -260,8 +260,8 @@ This option specifies the number of primality tests to perform. Show the bubblebabble digest of specified private or public key file. .It Fl b Ar bits Specifies the number of bits in the key to create. -For RSA keys, the minimum size is 1024 bits and the default is 2048 bits. -Generally, 2048 bits is considered sufficient. +For RSA keys, the minimum size is 1024 bits and the default is 3072 bits. +Generally, 3072 bits is considered sufficient. DSA keys must be exactly 1024 bits as specified by FIPS 186-2. For ECDSA keys, the .Fl b