
Bug#773192: disable DSA key generation by default



Package: openssh-server

Version: all

 

During installation (or maybe the first startup, I’m not sure), the openssh-server generates 1024-bit DSA keys. This key length is no longer considered secure and therefore should be disabled, or created with a longer key length.


However, not all SSH implementations support DSA keys longer than 1024 bits, so I suggest disabling DSA key generation.

 

According to NIST, 1024-bit keys are disallowed after 2013, see: http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf

 

 

This bug is somehow related to https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=481133 , but it’s not a duplicate.

 

Thank you,


Stefan Safar
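
An added example, not part of the original report and not OpenSSH code: a Python check that parses OpenSSH public key lines, such as a server's host public key files, and flags DSA or RSA keys whose modulus is 1024 bits or smaller. The sample lines are constructed (structurally valid, not real keys), and the function names and the `WEAK_BITS` threshold are assumptions made for the example.

```python
import base64
import struct

WEAK_BITS = 1024  # assumed policy: sizes at or below this are flagged

def _read(blob, off):
    """Read one length-prefixed field (RFC 4251 string or mpint)."""
    if off + 4 > len(blob):
        raise ValueError("truncated length")
    (n,) = struct.unpack(">I", blob[off:off + 4])
    if off + 4 + n > len(blob):
        raise ValueError("truncated field")
    return blob[off + 4:off + 4 + n], off + 4 + n

def key_info(pub_line):
    """Return (key_type, bits) for one line of an OpenSSH .pub file."""
    fields = pub_line.split()
    blob = base64.b64decode(fields[1], validate=True)
    name, off = _read(blob, 0)
    key_type = name.decode("ascii")
    if key_type != fields[0]:
        raise ValueError("key type does not match blob")
    if key_type == "ssh-dss":        # blob holds p, q, g, y; size is |p|
        modulus, _ = _read(blob, off)
    elif key_type == "ssh-rsa":      # blob holds e, n; size is |n|
        _, off = _read(blob, off)
        modulus, _ = _read(blob, off)
    else:                            # e.g. ssh-ed25519: fixed-size key
        return key_type, None
    return key_type, int.from_bytes(modulus, "big").bit_length()

def weak_keys(pub_lines):
    """Return the (key_type, bits) pairs that are WEAK_BITS or smaller."""
    infos = [key_info(line) for line in pub_lines]
    return [i for i in infos if i[1] is not None and i[1] <= WEAK_BITS]

# Constructed sample lines: structurally valid blobs, not real keys.
def _field(data):
    return struct.pack(">I", len(data)) + data

def _mpint(x):
    return _field(x.to_bytes(x.bit_length() // 8 + 1, "big"))

def _line(key_type, *parts):
    blob = _field(key_type.encode()) + b"".join(parts)
    return key_type + " " + base64.b64encode(blob).decode() + " constructed"

SAMPLE_DSA = _line("ssh-dss", _mpint((1 << 1023) | 1), _mpint((1 << 159) | 1),
                   _mpint(2), _mpint(3))
SAMPLE_RSA = _line("ssh-rsa", _mpint(65537), _mpint((1 << 2047) | 1))
SAMPLE_ED = _line("ssh-ed25519", _field(bytes(32)))
```
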

