I think this is fine.
At the point where the -b argument is matched, it is not clear what
key-type is being handled. It is in your case, but not if -b and -t
arguments are swapped.
You can go read the source to see why.
jungle boogie <jungleboogie0@gmail.com> wrote:
> Hi All,
>
> $ ssh-keygen -t ed25519 -b 10000000
> Bits has bad value 10000000 (too large)
>
>
> $ ssh-keygen -t ed25519 -b 20000
> key bits exceeds maximum 16384
>
> Should the first example report the max bits like in the second example?
>
> This happens to be:
> kern.version=OpenBSD 6.5-current (GENERIC.MP) #86: Fri Jun 28 12:09:23
> MDT 2019
> deraadt@arm64.openbsd.org:/usr/src/sys/arch/arm64/compile/GENERIC.MP
> arm64
>
> but I believe I've seen this on amd64 as well.
>
> $ ssh -V
> OpenSSH_8.0, LibreSSL 3.0.0
>
> thanks,
> j.b.
>
No comments:
Post a Comment