Commit de87c8a4 authored by Leigh Stoller's avatar Leigh Stoller

Start generating 2048 bit keys to make Nick happy (or maybe just

a bit less unhappy).
parent d6973c9c
......@@ -298,7 +298,7 @@ if( defined( $oldkeyfile ) ) {
my $genopts =
($encrypted ? " -passout 'pass:${sh_password}' -des3 " : "");
system("$OPENSSL genrsa $genopts -out syscert_key.pem 1024")
system("$OPENSSL genrsa $genopts -out syscert_key.pem 2048")
== 0 or fatal("Could generate new key");
system("$OPENSSL req -text -new -config syscert.cnf ".
......
......@@ -401,7 +401,7 @@ sub CreateNewCert() {
my $genopts =
($encrypted ? " -passout 'pass:${sh_password}' -des3 " : "");
system("$OPENSSL genrsa $genopts -out usercert_key.pem 1024")
system("$OPENSSL genrsa $genopts -out usercert_key.pem 2048")
== 0 or fatal("Could generate new key");
}
my $reqopts = ($encrypted ? "-passin 'pass:${sh_password}' " : "");
......
#
# Copyright (c) 2000-2017 University of Utah and the Flux Group.
# Copyright (c) 2000-2018 University of Utah and the Flux Group.
#
# {{{EMULAB-LICENSE
#
......@@ -159,7 +159,7 @@ emulab_privkey.pem:
# Generate a priv key for signing stuff. This one gets a
# passphrase.
#
openssl genrsa -out emulab_privkey.pem -des3
openssl genrsa -out emulab_privkey.pem -des3 2048
emulab_pubkey.pem: emulab_privkey.pem
#
......@@ -173,7 +173,7 @@ emulab_pubkey.pem: emulab_privkey.pem
# by you and writable.
#
%.key:
openssl genrsa -out $@ -rand .rand 1024
openssl genrsa -out $@ -rand .rand 2048
# The point of the this is to recover the keys from where they were
# originally installed. We do this cause people often lose their
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment