On Tue, Mar 07, 2000 at 02:36:18PM +0100, Jean Charles Delepine wrote: > Michael Stone <mstone@debian.org> écrivait (wrote) : > > On Mon, Mar 06, 2000 at 08:37:06PM -0500, Ben Collins wrote: > > > OpenSSH is compatible with the original SSH. I use my Palm Vx with TopGun > > > ssh to login to OpenSSH servers all the time. > > > > Hmm. Why do I get this stupid message when I log into certain servers: > > Warning: Server lies about size of server host key: actual size is 1023 > > bits vs. announced 1024. > > Warning: This may be due to an old implementation of ssh. > > /usr/share/doc/UPGRADING : > 4. Warning messages about key lengths > > Commercial SSH's ssh-keygen program contained a bug which caused it to > occasionally generate RSA keys which had their Most Significant Bit > (MSB) unset. Such keys were advertised as being full-length, but are > actually only half as secure. > > OpenSSH will print warning messages when it encounters such keys. To > rid yourself of these message, edit you known_hosts files and replace > the incorrect key length (usually "1024") with the correct key length > (usually "1023"). I don't care whether it's documented. I do care if I get a lot of questions from users who don't understand why they get error messages sometimes when going to a host that has always worked. -- Mike Stone
Attachment:
pgp0xjHjyjeCA.pgp
Description: PGP signature