Kees Cook once wrote:

> On Wed, May 21, 2008 at 07:07:34AM +0200, Vincent Bernat wrote:
> I could be mistaken, but prior to openssl breaking, ssh-keygen stopped allowing dsa 2048 keys, which means there wasn't a way to generate bad ones:
>
> $ ssh-keygen -t dsa -b 2048
> DSA keys must be 1024 bits

It didn't before. At least not directly from ssh-keygen. It is so because it won't be standard compliant (the standard specifies that DSA must be 1024 bits). I don't know if OpenSSH will accept a longer key length (some implementations will certainly refuse it).

Personally, in situations where I really care, I like to simply disable DSA from sshd_config and remove the shorter key from /etc/ssh/

I think it is possible to generate them with openssl. It is normally used to generate X.509 certificates, but I think you can also get it to generate keys in the proper format for SSH. In any case, it can generate 2048-bit DSA keys or even longer ones if needed.

Look at those man pages and on Google.

man openssl
man dsaparam
man gendsa

Simon Valiquette
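The openssl route Simon points at, written out as an added example (this is not code from the thread or from either project): it generates DSA domain parameters with `dsaparam`, derives a private key from them with `gendsa`, reports the key size openssl sees, and, if ssh-keygen is installed, derives the `ssh-dss` public-key line from the PEM file. It assumes `openssl` is on PATH; the directory, file names and function names are mine. Whether a given sshd will accept a non-1024-bit DSA key is the open question from the thread and this example does not settle it.

```shell
#!/bin/sh
# Added example, not from the mailing-list thread.
# Assumes: openssl on PATH; ssh-keygen optional (only for ssh_pubkey_line).

gen_dsa_key() {
    # $1 = requested DSA modulus size in bits (e.g. 2048), $2 = output directory.
    # Writes dsaparam.pem and dsa_key.pem into $2 and prints the private key path.
    bits="$1"
    dir="$2"
    # Step 1: DSA needs domain parameters (p, q, g) before a key pair can exist;
    # this is the slow step for 2048 bits and larger.
    openssl dsaparam -out "$dir/dsaparam.pem" "$bits" 2>/dev/null || return 1
    # Step 2: generate the private key from those parameters. The subshell umask
    # keeps the PEM file readable by its owner only.
    (umask 077 && openssl gendsa -out "$dir/dsa_key.pem" "$dir/dsaparam.pem" 2>/dev/null) || return 1
    echo "$dir/dsa_key.pem"
}

dsa_key_bits() {
    # Print the modulus size openssl reports for a PEM DSA private key, e.g. "2048".
    # Useful as a post-generation check that you really got the size you asked for.
    openssl dsa -in "$1" -text -noout 2>/dev/null \
        | sed -n 's/^Private-Key: (\([0-9]*\) bit.*/\1/p'
}

ssh_pubkey_line() {
    # Derive the "ssh-dss AAAA..." line OpenSSH uses in authorized_keys from the
    # PEM private key. Reading the key is not the same as sshd accepting it.
    command -v ssh-keygen >/dev/null 2>&1 || {
        echo "ssh-keygen not installed" >&2
        return 1
    }
    ssh-keygen -y -f "$1"
}

# Usage (not run automatically):
#   tmp=$(mktemp -d)
#   key=$(gen_dsa_key 2048 "$tmp")
#   dsa_key_bits "$key"        # expected to print 2048
#   ssh_pubkey_line "$key"     # prints the public-key line, if ssh-keygen is present
```

`dsa_key_bits` is the check worth keeping around: it reads the size back from the generated file rather than trusting the number you typed, so a mistyped argument or a tool silently clamping the size shows up immediately.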