Bug 2997 - ssh-keygen manpage default RSA key length incorrect
Summary: ssh-keygen manpage default RSA key length incorrect
Status: CLOSED FIXED
Alias: None
Product: Portable OpenSSH
Classification: Unclassified
Component: Documentation (show other bugs)
Version: 8.0p1
Hardware: All All
: P5 minor
Assignee: Assigned to nobody
URL:
Keywords:
Depends on:
Blocks: V_8_1
  Show dependency treegraph
 
Reported: 2019-04-19 05:15 AEST by Sebastiaan
Modified: 2019-10-09 15:11 AEDT (History)
1 user (show)

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Sebastiaan 2019-04-19 05:15:26 AEST 
As mentioned in the OpenSSH 8.0 release notes[1]:

* ssh-keygen(1): Increase the default RSA key size to 3072 bits,
   following NIST Special Publication 800-57's guidance for a
   128-bit equivalent symmetric security level.

However, the ssh-keygen manpage still says[2]:

For RSA keys, the minimum size is 1024 bits and the default is 2048 bits. Generally, 2048 bits is considered sufficient.

[1] https://www.openssh.com/txt/release-8.0
[2] https://man.openbsd.org/ssh-keygen.1
Comment 1 Darren Tucker 2019-04-19 15:48:42 AEST 
Fixed and will be in the 8.1 release.  Thanks for the report.
Comment 2 Damien Miller 2019-10-09 15:11:43 AEDT 
Close bugs fixed in openssh-8.1 release cycle