Hi Adrian, Am Fr., 8. Dez. 2023 um 12:37 Uhr schrieb Adrian Glaubitz via openSUSE Factory <factory@lists.opensuse.org>:
While the GPG key was accepted without any issues, my SSH was rejected with the following error message that indicates the key is too short:
"Cannot verify your SSH key: key length is not enough: got 2048, needs 3071"
After a quick web search, it turns out that this is related to the minimum key length check being enabled:
"MINIMUM_KEY_SIZE_CHECK = true"
Is this intentional?
It is the default setting of gitea 1.21, which we're using on the openSUSE side. No explicit configuration has been done from our side so far. you can read the minimums here: https://docs.gitea.com/next/administration/config-cheat-sheet#ssh-minimum-ke... Please note that all current openssh versions generate ed25519 keys by default which are shorter, more secure, much faster and would be accepted without any issue. Also see https://www.keylength.com/en/compare/ which basically says that *new* RSA 2048 should not be used after 2020 anymore. We have 2023. Greetings, Dirk