ssh-keygen and 2048-bit DSA keys
So it appears that the version of ssh-keygen bundled in with OSX 10.5 (and earlier?) doesn't like the idea of generating 2048-bit DSA keypairs. Well, I guess it's more that it's adhering to FIPS 186-2, but let's just ignore that for now.
What I would like to do is to use ssh-keygen to generate a 2048-bit DSA keypair for ssh authentication, but I can't. Does anyone know if there is some sort of hidden "override ridiculous standard set by US government so they can tap into my network communications easer" flag to get around this? I can't seem to find anything helpful in the man pages.
Other versions of ssh-keygen can generate said keypair, so I don't see that there is any technical problem. Various linux distributions do allow 2048-bit key generation.
It would be nice if I could do this with the existing binary instead of spending a while to get a new version of ssh-keygen going.
Thanks for your help,
Matt
(Sorry if there is a better place to put this thread, but I figured this in a sense is mainly used for network communications, so it seemed like a good fit)
What I would like to do is to use ssh-keygen to generate a 2048-bit DSA keypair for ssh authentication, but I can't. Does anyone know if there is some sort of hidden "override ridiculous standard set by US government so they can tap into my network communications easer" flag to get around this? I can't seem to find anything helpful in the man pages.
Other versions of ssh-keygen can generate said keypair, so I don't see that there is any technical problem. Various linux distributions do allow 2048-bit key generation.
It would be nice if I could do this with the existing binary instead of spending a while to get a new version of ssh-keygen going.
Thanks for your help,
Matt
(Sorry if there is a better place to put this thread, but I figured this in a sense is mainly used for network communications, so it seemed like a good fit)
PowerBook G4, Mac OS X (10.5.1)
