setting minimum size of accepted rsa key
Is there a way to set the minimum size accepted by sshd as an RSA public key?
I want to restrict users to using RSA keys that are generated with ssh-keygen -b 8196 or greater.
I didn't see any option in sshd_config. There is a ServerKeyBits option, but that seems to apply only for SSHv1.
Solution 1:
In modern sshd versions (newer than when the question was asked), you can use an AuthorizedKeysCommand to fetch the user's public keys. The usual reason to use this, is to fetch keys from some central storage (ldap, mysql...). But you can also use this to filter the user's keys. You should also set AuthorizedKeys file to none to avoid a fallback to the unfiltered keys.