Bananian Linux - Bananian Linux
View Issue Details
0000085Bananian Linux[All Projects] Securitypublic2015-01-02 14:142015-01-08 11:59
Nico 
Nico 
normaltweakN/A
resolvedno change required 
 
14.11.02 
 
0000085: Increase ServerKeyBits
The only think that strikes me is that the ServerKeyBits are still set to the old default of
 ServerKeyBits 768 (/etc/sshd_config).
 For ssh hardening it would be better to set it to 1024 (or perhaps even to 2048) and regenerate
 the serverkeys.
 For most "home installations" this is not a problem, but mine is exposed to the outside world (but
 maybe I'm overconcerned)
No tags attached.
related to 0000075resolved Nico SSH key generation creates empty keys 
Issue History
2015-01-02 14:14NicoNew Issue
2015-01-02 14:14NicoStatusnew => assigned
2015-01-02 14:14NicoAssigned To => Nico
2015-01-06 09:27NicoNote Added: 0000129
2015-01-06 09:27NicoStatusassigned => resolved
2015-01-06 09:27NicoResolutionopen => no change required
2015-01-06 09:28NicoRelationship addedrelated to 0000075
2015-01-08 11:59NicoTarget Version15.04 =>

Notes
(0000129)
Nico   
2015-01-06 09:27   
From man 5 sshd_config:
     ServerKeyBits
             Defines the number of bits in the ephemeral protocol version 1 server key. The minimum value is 512, and the default is 1024.

It is for version 1 of the protocol, which is disabled in the configuration. So changing the ServerKeyBits is completely meaningless.