Ssh – Generate own (stronger) RSA host key for OpenSSH

opensshssh

I would like to replace the default 2048 bit host key generated when installing OpenSSH or starting it the first time with one of 4096 bit length.

This leads to two questions:

Does OpenSSH allow running with a 4096 bit RSA host key (for SSH2 obviously)?
How can ssh-keygen be convinced not to prompt for a passphrase?

The version of OpenSSH I am running is 6.6p1.

Best Answer

Whatever key-length is supported in ssh-keygen most likely would work with sshd as well. Besides that, you should generate your host-keys with ssh-keygen -h anyways, so if ssh-keygen isn't totally dumb, it should inform you if the desired key-length is not supported for host keys.

The passphrase could be specified with -N; if you don't want the key to be encrypted, just specify an empty one (thus just hitting Enter if it prompts you would have the same effect).

Related Solutions

Ssh – Automated ssh-keygen without passphrase, how

This will prevent the passphrase prompt from appearing and set the key-pair to be stored in plaintext (which of course carries all the disadvantages and risks of that):

ssh-keygen -b 2048 -t rsa -f /tmp/sshkey -q -N ""

Using Windows 10 built in SSH

Powershell:

ssh-keygen -b 2048 -t rsa -f C:/temp/sshkey -q -N """"

CMD:

ssh-keygen -b 2048 -t rsa -f C:/temp/sshkey -q -N ""

Ssh – How to roll over ssh host keys

The Host Key rotation is supported since OpenSSH 6.8 (both client and server adds support in this version).

So the process should work like this:

Generate and add new keys with the option HostKey newkey (after the existing ones) to the /etc/ssh/sshd_config
Restart sshd
The clients have to set up UpdateHostKeys yes in their configuration (either globally, or per-host)
The connecting clients will pick up all the new keys
After some time (months?) you can remove the old keys from the sshd_config and restart sshd
The clients (that connected during the transition period) will already have the new keys (the old will not be removed, which is the only problem here) and they will not show the MitM attack warning.

The new enough-clients will be able to pick up the new keys. This feature is not enabled by default, probably because it is quite new and soon showed some security consideration. But these days, it should be fine to use it.

Best Answer

Related Solutions

Ssh – Automated ssh-keygen without passphrase, how

Ssh – How to roll over ssh host keys

Related Question