https://github.com/fphammerle/docker-borgbackup-sshd/commit/17b658f070505f80d8d48637785145a3c91fe171
@@ -5,6 +5,8 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
## [Unreleased]
+### Changed
+- `sshd`: no longer accept RSA keys < 2048 bits for authentication
## [0.1.1] - 2021-06-20
### Fixed
@@ -11,6 +11,10 @@ MACs hmac-sha2-512-etm@openssh.com,hmac-sha2-256-etm@openssh.com,umac-128-etm@op
PermitRootLogin no
PubkeyAuthentication yes
+# > RSA: The length of the modulus n shall be 2048 bits or more to meet the
+# > minimum security-strength requirement of 112 bits [...]
+# https://csrc.nist.gov/publications/detail/sp/800-131a/rev-2/final
+RequiredRSASize 2048
PasswordAuthentication no
StrictModes no
# separated by spaces