Tag Archives: RSA modulus too small: 512 < minimum 768 bits

RSA modulus too small: 512 < minimum 768 bits

RSA modulus too small: 512 < minimum 768 bits

$ ssh [email protected]
ssh_rsa_verify: RSA modulus too small: 512 < minimum 768 bits
key_verify failed for server_host_key

fgvm-ha1 # config system global 
 
fgvm-ha1 (global) # set admin-ssh
admin-ssh-grace-time    Maximum time in seconds permitted between making an SSH connection to the FortiGate unit and authenticating (10 - 3600 sec (1 hour), default 120).
admin-ssh-password      Enable/disable password authentication for SSH admin access.
admin-ssh-port          Administrative access port for SSH. (1 - 65535, default = 22).
admin-ssh-v1            Enable/disable SSH v1 compatibility.
 
fgvm-ha1 (global) # set admin-ssh-v1 enable 
 
fgvm-ha1 (global) # end
 
fgvm-ha1 # show system global 
config system global
    set admin-ssh-v1 enable
    set alias "fgvm-ha1"
    set hostname "fgvm-ha1"
    set language simch
    set timezone 55
end

vyos@ispout-vyos:~$ ssh -v -1 -c des [email protected]
OpenSSH_5.5p1 Debian-6+squeeze5, OpenSSL 1.0.2l  25 May 2017
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Applying options for *
debug1: Connecting to 192.168.50.46 [192.168.50.46] port 22.
debug1: Connection established.
debug1: identity file /home/vyos/.ssh/identity type -1
debug1: identity file /home/vyos/.ssh/identity-cert type -1
debug1: Remote protocol version 1.99, remote software version K8FnH
debug1: no match: K8FnH
debug1: Local version string SSH-1.5-OpenSSH_5.5p1 Debian-6+squeeze5
debug1: Waiting for server public key.
debug1: Received server public key (1152 bits) and host key (1024 bits).
debug1: Host '192.168.50.46' is known and matches the RSA1 host key.
debug1: Found key in /home/vyos/.ssh/known_hosts:4
debug1: Encryption type: des
debug1: Sent encrypted session key.
Warning: use of DES is strongly discouraged due to cryptographic weaknesses
debug1: Installing crc compensation attack detector.
debug1: Received encrypted confirmation.
debug1: Doing challenge response authentication.
debug1: No challenge.
debug1: Doing password authentication.
[email protected]'s password: 
debug1: Requesting pty.
debug1: Requesting shell.
debug1: Entering interactive session.
debug1: fd 0 clearing O_NONBLOCK
fgvm-ha1 # 
fgvm-ha1 # show system global 
config system global
    set admin-ssh-v1 enable
    set alias "fgvm-ha1"
    set hostname "fgvm-ha1"
    set language simch
    set timezone 55
end

fgvm-ha1 #

================= End