On Fri, Feb 24, 2012 at 09:34:31AM -0600, Karl O. Pinc wrote: > When making 2048 bit rsa keys with puttygen about half the time > puttygen reports the key to be 2047 bits in the fingerprint.
http://the.earth.li/~sgtatham/putty/0.62/htmldoc/Chapter8.html#puttygen-strength "Note that an RSA key is generated by finding two primes of half the length requested, and then multiplying them together. For example, if you ask PuTTYgen for a 1024-bit RSA key, it will create two 512-bit primes and multiply them. The result of this multiplication might be 1024 bits long, or it might be only 1023; so you may not get the exact length of key you asked for. This is perfectly normal, and you do not need to worry. The lengths should only ever differ by one, and there is no perceptible drop in security as a result." That said, since this frequently confuses users, I might backport the recent upstream change to ensure that some of the top bits are always set. -- Colin Watson [cjwat...@debian.org] -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
