8 Dec
2023
8 Dec
'23
14:39
Hi Adrian,
Am Fr., 8. Dez. 2023 um 15:27 Uhr schrieb John Paul Adrian Glaubitz
But up to now, RSA2048 is still a valid and enabled key type which is why it's annoying when random projects decide they know better.
well, openssh switched the default for the same reason. so it's not just 'random projects'. plus integrity of a source revision control is kinda relevant as well. If you want, I can check with the suse security team and if they agree we can allow RSA 2048 as a temporary solution. But to be honest with you, I'm a strong advisor for security where it doesn't hurt, and this is imho one case where there are no downsides. Greetings, Dirk