[Bug 1244272] Re: Consider setting ServerKeyBits 768 to 1024

Launchpad Bug Tracker 1244272 at bugs.launchpad.net
Mon Dec 23 18:06:12 UTC 2013 

This bug was fixed in the package openssh - 1:6.4p1-2

---------------
openssh (1:6.4p1-2) unstable; urgency=high


  * Increase ServerKeyBits value in package-generated sshd_config to 1024
    (closes: #727622, LP: #1244272).
  * Restore patch to disable OpenSSL version check (closes: #732940).

 -- Colin Watson <cjwatson at debian.org>  Mon, 23 Dec 2013 10:44:04 +0000

** Changed in: openssh (Ubuntu)
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to openssh in Ubuntu.
https://bugs.launchpad.net/bugs/1244272

Title:
  Consider setting ServerKeyBits 768 to 1024

Status in “openssh” package in Ubuntu:
  Fix Released
Status in “openssh” package in Debian:
  Fix Committed

Bug description:
  Ubuntu 13.10 has the following setting:

  /etc/ssh/sshd_config

  ServerKeyBits 768

  
  Would it be possible to make the default 1024 to add more security benefit:

  ServerKeyBits 1024

  
  1024 is the default in the upstream openssh project and the value used by other mainstream distros.

  http://www.openbsd.org/cgi-bin/man.cgi?query=sshd_config&sektion=5

  "
  ServerKeyBits
               Defines the number of bits in the ephemeral protocol version 1
               server key.  The minimum value is 512, and the default is 1024.

  "

  
  $ cat /etc/lsb-release
  DISTRIB_ID=Ubuntu
  DISTRIB_RELEASE=13.10
  DISTRIB_CODENAME=saucy
  DISTRIB_DESCRIPTION="Ubuntu 13.10"


  
  $ dpkg -s openssh-server
  Package: openssh-server
  Status: install ok installed
  Priority: optional
  Section: net
  Installed-Size: 760
  Maintainer: Ubuntu Developers <ubuntu-devel-discuss at lists.ubuntu.com>
  Architecture: amd64
  Multi-Arch: foreign
  Source: openssh
  Version: 1:6.2p2-6
  Replaces: openssh-client (<< 1:3.8.1p1-11), ssh, ssh-krb5
  Provides: ssh-server

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openssh/+bug/1244272/+subscriptions

More information about the foundations-bugs mailing list