Default RSA host key length
Posted: Mon May 04, 2026 11:21 pm
My security team has expressed concerns regarding the SSH implementation on Netonix and the lack of support for modern crypto algorithms. On investigation it looks like the version of dropbear used (v2020.81) in Netonix SW does in fact support the favoured modern crypto standards, however modern SSH clients refuse to connect since the RSA host key length is 1024 bits even on 1.5.26.
Is there any particular reason for this? Can we change this default in 2026? Is it safe to jump in via CLI and regenerate ourselves to 2048 bits?
Is there any particular reason for this? Can we change this default in 2026? Is it safe to jump in via CLI and regenerate ourselves to 2048 bits?