| commit | 8700d961a6ec47a91defb718834b05b39cc3fcca | |
| author | Kyle J. McKay <mackyle@gmail.com> | |
| Thu, 12 Sep 2013 04:18:18 +0000 (11 21:18 -0700) | ||
| committer | Kyle J. McKay <mackyle@gmail.com> | |
| Thu, 12 Sep 2013 04:18:18 +0000 (11 21:18 -0700) | ||
| tree | 5a114ea2369817d8dd2e812e266d2122fc3c4f7c | treesnapshot (tar.gz zip) |
| parent | 49df6bee0d0ce8030319803bf9b6553419a57f86 | commitdiff |
Add knob to require a minimum public key length
Create a new $Girocco::Config::min_key_length setting that specifies
the minimum key length that will be accepted when saving keys via the
reguser.cgi and edituser.cgi interfaces. Pre-existing keys are not
affected by this change.
If the $Girocco::Config::min_key_length is unset the previous behavior
will be used in which keys are only required to be at least 512 bits
in length.
Set $Girocco::Config::min_key_length to 1024 rather than undef since
1024 is somewhat of an improvement over the previous 512 bit minimum
but still highly compatible.
Note that OpenSSH starting with version 4.3p1 will only generate 1024
bit DSA keys so setting it to anything higher would make adding new DSA
keys problematic for many users.
Create a new $Girocco::Config::min_key_length setting that specifies
the minimum key length that will be accepted when saving keys via the
reguser.cgi and edituser.cgi interfaces. Pre-existing keys are not
affected by this change.
If the $Girocco::Config::min_key_length is unset the previous behavior
will be used in which keys are only required to be at least 512 bits
in length.
Set $Girocco::Config::min_key_length to 1024 rather than undef since
1024 is somewhat of an improvement over the previous 512 bit minimum
but still highly compatible.
Note that OpenSSH starting with version 4.3p1 will only generate 1024
bit DSA keys so setting it to anything higher would make adding new DSA
keys problematic for many users.
| Girocco/Config.pm | diffblobblamehistory | |
| Girocco/User.pm | diffblobblamehistory |