Bananian Linux

View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0000085Bananian Linux[All Projects] Securitypublic2015-01-02 14:142015-01-08 11:59
Assigned ToNico 
StatusresolvedResolutionno change required 
Product Version14.11.02 
Target VersionFixed in Version 
Summary0000085: Increase ServerKeyBits
DescriptionThe only think that strikes me is that the ServerKeyBits are still set to the old default of
 ServerKeyBits 768 (/etc/sshd_config).
 For ssh hardening it would be better to set it to 1024 (or perhaps even to 2048) and regenerate
 the serverkeys.
 For most "home installations" this is not a problem, but mine is exposed to the outside world (but
 maybe I'm overconcerned)
TagsNo tags attached.
Attached Files

- Relationships
related to 0000075resolvedNico SSH key generation creates empty keys 

-  Notes
Nico (manager)
2015-01-06 09:27

From man 5 sshd_config:
             Defines the number of bits in the ephemeral protocol version 1 server key. The minimum value is 512, and the default is 1024.

It is for version 1 of the protocol, which is disabled in the configuration. So changing the ServerKeyBits is completely meaningless.

- Issue History
Date Modified Username Field Change
2015-01-02 14:14 Nico New Issue
2015-01-02 14:14 Nico Status new => assigned
2015-01-02 14:14 Nico Assigned To => Nico
2015-01-06 09:27 Nico Note Added: 0000129
2015-01-06 09:27 Nico Status assigned => resolved
2015-01-06 09:27 Nico Resolution open => no change required
2015-01-06 09:28 Nico Relationship added related to 0000075
2015-01-08 11:59 Nico Target Version 15.04 =>

Copyright © 2000 - 2020 MantisBT Team
Powered by Mantis Bugtracker