
When users employ ssh-keygen to create RSA key pairs, the default key length is 2048 bits.

You can override that on the command line with the -b argument, but few users will bother.

As mentioned in this article, it is recommended to use key lengths of 3072 or greater if you need security beyond 2030. Is there a way to cause 3072 (or 4096) to be the default length for all keys generated? I don't see it in the ssh_config or sshd_config manual pages. Or does it require recompilation of the program?

user67327

  • You're talking of SSH keys, which implies that they'll be used for authentication when connecting to a running machine, not for message encryption. Is 2030 really a concern in this case? If the hardware still runs by then, it's quite likely that the version of the OS you're currently running will no longer be supported (and possibly have a number of other security holes). It's probably better practice to make your users change their keys once in a while (you're rarely in control of how they store them anyway), definitely a few times in the next 20 years or so. – Bruno Jun 10 '11 at 02:10

1 Answer

I don't think there is any way to do this via a configuration file. You could set up an alias and put it in a shell initialisation file. This won't stop the user from deleting the alias and running their own command though.

alias ssh-keygen='ssh-keygen -b 3072'

then

$ ssh-keygen -t rsa
Generating public/private rsa key pair.
Enter file in which to save the key (/home/iain/.ssh/id_rsa): /tmp/testkey
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /tmp/testkey.
Your public key has been saved in /tmp/testkey.pub.
The key fingerprint is:
47:3a:03:c8:ac:63:1c:bf:9d:44:1d:4b:b4:0e:66:04 
$ ssh-keygen -lf /tmp/testkey
3072 47:3a:03:c8:ac:63:1c:bf:9d:44:1d:4b:b4:0e:66:04 /tmp/testkey.pub

You could put it in each (existing) user's ~/.bashrc and in /etc/skel/.bashrc so new users get it too.

user9517

  • it is also possible there are tools out there to enforce a minimum key length for ssh access... that way you can educate your users to create keys with a length > 3072, and if they don't, their keys won't be accepted... i don't know the logistics behind this, but it's something i'm interested in finding more information about. – cpbills Jun 05 '11 at 22:50
  • The alias method only works if people are using a centralized computer, not distributed as in our case. – user67327 Jun 07 '11 at 06:01
  • Enforcing minimum length to operate would at least provide security - at the cost of turning people off. – user67327 Jun 07 '11 at 06:02
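The comments above raise the server-side alternative to the alias: rather than trusting every workstation to pass -b 3072, check the keys that actually arrive in authorized_keys and reject or flag the short ones. The following audit script is an added example, not code from the question or the answer. It decodes the ssh-rsa public key blob (RFC 4253 wire format: a type string, then the mpint exponent e, then the mpint modulus n) and reports any RSA key whose modulus is shorter than the 3072-bit floor mentioned in the question. The authorized_keys content is constructed inline; the moduli are synthetic values of the right bit length, not real RSA keys, which is all the length check needs.

```python
"""Audit an authorized_keys file for RSA keys below a minimum modulus size.

Added example: parses the ssh-rsa public key blob directly so it runs
without ssh-keygen. Only RSA keys are length-checked; other key types
(ed25519, ecdsa) are skipped because their size is fixed by the algorithm.
"""
import base64
import re
import struct
from typing import List, Optional, Tuple

MIN_RSA_BITS = 3072  # floor recommended in the question for security beyond 2030

# Matches the key type token followed by its base64 blob. authorized_keys lines may
# carry an options prefix (from="...", command="...") before the type token.
RSA_TOKEN = re.compile(r"(?:^|\s)ssh-rsa\s+([A-Za-z0-9+/=]+)")


def _sshstr(data: bytes) -> bytes:
    """Encode bytes as an SSH string: 4-byte big-endian length, then the bytes."""
    return struct.pack(">I", len(data)) + data


def _mpint(n: int) -> bytes:
    """Encode a non-negative integer as an SSH mpint (RFC 4251 section 5)."""
    raw = n.to_bytes((n.bit_length() + 7) // 8, "big")
    if raw and raw[0] & 0x80:
        raw = b"\x00" + raw  # keep the value positive in two's complement
    return _sshstr(raw)


def _read_string(buf: bytes, off: int) -> Tuple[bytes, int]:
    """Read one SSH string at offset `off`; return (value, new offset)."""
    (length,) = struct.unpack_from(">I", buf, off)
    off += 4
    if off + length > len(buf):
        raise ValueError("truncated ssh key blob")
    return buf[off:off + length], off + length


def rsa_bits(pubkey_line: str) -> Optional[int]:
    """Return the RSA modulus size in bits for an authorized_keys line, or None
    if the line does not carry a well-formed ssh-rsa key."""
    match = RSA_TOKEN.search(pubkey_line)
    if not match:
        return None
    try:
        blob = base64.b64decode(match.group(1), validate=True)
        ktype, off = _read_string(blob, 0)
        if ktype != b"ssh-rsa":
            return None
        _e, off = _read_string(blob, off)       # public exponent, not needed here
        n_bytes, _ = _read_string(blob, off)    # modulus
    except (ValueError, struct.error):
        return None
    return int.from_bytes(n_bytes, "big").bit_length()


def audit_authorized_keys(text: str, min_bits: int = MIN_RSA_BITS) -> List[Tuple[int, int]]:
    """Return (line_number, modulus_bits) for every RSA key shorter than min_bits."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        line = line.strip()
        if not line or line.startswith("#"):
            continue
        bits = rsa_bits(line)
        if bits is not None and bits < min_bits:
            findings.append((lineno, bits))
    return findings


def make_rsa_pubkey_line(bits: int, comment: str) -> str:
    """Build a constructed ssh-rsa authorized_keys line whose modulus has exactly
    `bits` bits. The modulus is synthetic (not a real RSA key)."""
    n = (1 << (bits - 1)) | 1
    blob = _sshstr(b"ssh-rsa") + _mpint(65537) + _mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " " + comment


def make_ed25519_pubkey_line(comment: str) -> str:
    """Constructed ssh-ed25519 line (32 zero bytes stand in for the public key)."""
    blob = _sshstr(b"ssh-ed25519") + _sshstr(bytes(32))
    return "ssh-ed25519 " + base64.b64encode(blob).decode() + " " + comment


# Constructed sample authorized_keys; only line 3 should be flagged.
SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# constructed sample, not from the original page",
    make_rsa_pubkey_line(4096, "alice@laptop"),
    make_rsa_pubkey_line(2048, "bob@desktop"),
    'from="192.0.2.0/24" ' + make_rsa_pubkey_line(3072, "deploy@ci"),
    make_ed25519_pubkey_line("carol@workstation"),
])

if __name__ == "__main__":
    for lineno, bits in audit_authorized_keys(SAMPLE_AUTHORIZED_KEYS):
        print(f"line {lineno}: RSA key is {bits} bits, below the {MIN_RSA_BITS}-bit minimum")
```

Run against a real file with `audit_authorized_keys(open(path).read())`; a non-empty result is a candidate for the reject-or-educate policy the comments describe. Note that the alias in the answer only raises the default, while this check catches keys regardless of where they were generated, which addresses the distributed-users objection raised in the comments.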