Description of problem:
The European Union Agency for Network and Information Security recommends using at least RSA 3072: http://www.enisa.europa.eu/activities/identity-and-trust/library/deliverables/algorithms-key-sizes-and-parameters-report
dropbearkey in F19 and EPEL6 creates RSA 1024 keys by default.

Version-Release number of selected component (if applicable):
dropbear-2013.59-1.fc19
dropbear-2013.59-1.el6

How reproducible:
always

Steps to Reproduce:
1. dropbearkey -t rsa -f dropbear_rsa_host_key

Actual results:
Will output 1024 bit rsa secret key to 'dropbear_rsa_host_key'

Expected results:
Should be 3072 bit

Additional info:
Please fix this both in EPEL and Fedora
1. I've already come up with an idea of generating keys in the %post section. It's controllable for the key length, but I'm not sure if users will accept this change.
2. I think this should be fixed upstream, not here.
3. What about the states in the US?
(In reply to Christopher Meng from comment #1)

> 1. I've already come up with an idea of generating keys in the %post section.

Creating keys during %post might lead to problems because of missing entropy.

> 2. I think this should be fixed upstream, not here.

Regardless of whether upstream thinks this is a good idea, it should be changed in Fedora. However, it is a good idea to forward this information to them. For example, it does not make sense to use different default key sizes in dropbear-keygen and ssh-keygen.

> 3. What about the states in the US?

NIST allows RSA 2048 keys: http://csrc.nist.gov/publications/nistpubs/800-57/sp800-57_part1_rev3_general.pdf
Therefore RSA 3072 keys would be allowed by NIST as well. However, since several packages seem to be affected, I am going to get a packaging guideline for this.
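Both the report (1024-bit default) and the reply's point about keeping dropbear and ssh-keygen defaults in step come down to one check: how many bits the RSA modulus of a host key actually has. The script below is an added example written for this thread, not dropbear's code or anything attached to the bug. It assumes a public key line in OpenSSH format, which is what `dropbearkey -y -f dropbear_rsa_host_key` prints for an existing private key; it parses the `ssh-rsa` wire blob with the standard library only, reports the modulus size, and flags anything under the 3072-bit floor the report cites. The sample keys it feeds itself are constructed moduli of a chosen bit length (not real RSA keys) so the parser can be exercised offline; the `make_sample_pubkey`, `rsa_modulus_bits` and `audit_host_key` names are this example's own.

```python
import base64
import struct

# Minimum RSA modulus size in bits recommended by ENISA, as cited in the report.
MIN_RSA_BITS = 3072


def _read_string(blob, offset):
    """Read one SSH wire-format string (uint32 big-endian length prefix + bytes)."""
    if offset + 4 > len(blob):
        raise ValueError("truncated SSH public key blob")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    start = offset + 4
    end = start + length
    if end > len(blob):
        raise ValueError("truncated SSH public key blob")
    return blob[start:end], end


def _mpint(value):
    """Encode a non-negative integer as an SSH mpint (big-endian, 0x00 prefix if the high bit is set)."""
    raw = value.to_bytes((value.bit_length() + 7) // 8, "big")
    if raw and raw[0] & 0x80:
        raw = b"\x00" + raw
    return struct.pack(">I", len(raw)) + raw


def rsa_modulus_bits(pubkey_line):
    """Return the RSA modulus length in bits for one OpenSSH-format 'ssh-rsa' public key line."""
    parts = pubkey_line.split()
    if len(parts) < 2 or parts[0] != "ssh-rsa":
        raise ValueError("not an ssh-rsa public key line")
    blob = base64.b64decode(parts[1])
    key_type, off = _read_string(blob, 0)
    if key_type != b"ssh-rsa":
        raise ValueError("blob type does not match ssh-rsa")
    _e, off = _read_string(blob, off)       # public exponent, not needed for the size check
    n_bytes, _ = _read_string(blob, off)     # modulus as mpint; a leading 0x00 does not change the value
    return int.from_bytes(n_bytes, "big").bit_length()


def audit_host_key(pubkey_line, minimum=MIN_RSA_BITS):
    """Return (bits, ok); ok is True when the modulus meets the minimum size."""
    bits = rsa_modulus_bits(pubkey_line)
    return bits, bits >= minimum


def make_sample_pubkey(modulus_bits, exponent=65537):
    """Build a constructed ssh-rsa line whose modulus has exactly modulus_bits bits.

    The modulus is NOT a real RSA key (it is not a product of two primes); it exists only
    so the parser and the size check can be demonstrated without generating keys.
    """
    n = (1 << (modulus_bits - 1)) | 1      # top bit set, so bit_length() == modulus_bits
    blob = struct.pack(">I", 7) + b"ssh-rsa" + _mpint(exponent) + _mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " constructed@example"


if __name__ == "__main__":
    # Constructed sample keys: the sizes from the report (1024 default, 3072 expected) plus 2048.
    for bits in (1024, 2048, 3072):
        size, ok = audit_host_key(make_sample_pubkey(bits))
        print(f"{size} bits: {'OK' if ok else 'BELOW ' + str(MIN_RSA_BITS)}")
```

To run it against a real key, pipe the output of `dropbearkey -y -f dropbear_rsa_host_key` (the line starting with `ssh-rsa`) into `audit_host_key`; `ssh-keygen -l -f` on the same public key line gives the bit count for a cross-check. Until the default changes, `dropbearkey -t rsa -s 3072 -f dropbear_rsa_host_key` requests the size explicitly.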
I've seen your post at security list, I will follow up.
dropbear-2018.76-1.fc28 has been submitted as an update to Fedora 28. https://bodhi.fedoraproject.org/updates/FEDORA-2018-ff2964dadb