From 98352b5eb4b4c9835649b64071d5b8731e489d9f Mon Sep 17 00:00:00 2001
From: DennisNikolay <dennisnikolay@posteo.de>
Date: Fri, 22 Nov 2024 01:06:47 +0100
Subject: [PATCH] Added RequiredRSASize to sshd_config

Enforces a minimum RSA key size of 3072, as recommended by various standards bodies, as detailed here:

https://www.keylength.com/en/compare/
---
 README.md | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/README.md b/README.md
index 0cb71aa..b6c2eba 100644
--- a/README.md
+++ b/README.md
@@ -582,6 +582,11 @@ SSH is a door into your server. This is especially true if you are opening ports
     # don't allow .rhosts or /etc/hosts.equiv
     HostbasedAuthentication no
 
+    # OpenSSH 9.1 and later
+    # Enforce a minimum RSA key size of 3072 bits
+    # https://www.keylength.com/en/compare/
+    RequiredRSASize 3072
+
     # https://github.com/imthenachoman/How-To-Secure-A-Linux-Server/issues/115
     HashKnownHosts yes
     ```