Bug 2997

Summary: ssh-keygen manpage default RSA key length incorrect
Product: Portable OpenSSH Reporter: Sebastiaan <sebastiaanlokhorst>
Component: DocumentationAssignee: Assigned to nobody <unassigned-bugs>
Status: CLOSED FIXED    
Severity: minor CC: dtucker
Priority: P5    
Version: 8.0p1   
Hardware: All   
OS: All   
Bug Depends on:    
Bug Blocks: 2988    

Description Sebastiaan 2019-04-19 05:15:26 AEST 
As mentioned in the OpenSSH 8.0 release notes[1]:

* ssh-keygen(1): Increase the default RSA key size to 3072 bits,
   following NIST Special Publication 800-57's guidance for a
   128-bit equivalent symmetric security level.

However, the ssh-keygen manpage still says[2]:

For RSA keys, the minimum size is 1024 bits and the default is 2048 bits. Generally, 2048 bits is considered sufficient.

[1] https://www.openssh.com/txt/release-8.0
[2] https://man.openbsd.org/ssh-keygen.1
Comment 1 Darren Tucker 2019-04-19 15:48:42 AEST 
Fixed and will be in the 8.1 release.  Thanks for the report.
Comment 2 Damien Miller 2019-10-09 15:11:43 AEDT 
Close bugs fixed in openssh-8.1 release cycle