Bug#905407: ssh-keygen: Use new OpenSSH key format by default
On Sat, Aug 04, 2018 at 02:24:39PM +0800, Luke W Faraone wrote:
> The bcrypt KDF key format was released as part of OpenSSH 6.5 in 2014.
> It provides greater resistance against brute-force attacks on encrypted
> private keys, and is now widely compatible.
>
> We should use it by default. I'm happy to work on a patch if it would be
> accepted.
I'm not opposed, but I can't answer whether it would be accepted,
because it needs to go upstream. Could you raise this with upstream
directly? Either https://bugzilla.mindrot.org/ or the openssh-unix-dev
list (https://lists.mindrot.org/mailman/listinfo/openssh-unix-dev) would
be a good place.
Thanks,
--
Colin Watson [cjwatson@debian.org]
Reply to: