Accuracy
Large keys are not "slower to use" in many cases, since they are only used to validate or set up a session. An ongoing session usually transfers to a symmetric algorithm once established, and the user won't notice the short extra delay in session startup....
missed a comment I added and shouldn't have - removed(cherry picked from commit 7c684f3b95f641134496bc1210cfb2d814468767)
Update OpenVPN Wizard to include missing key sizes
...and add some useful info to guide the user.(cherry picked from commit 49810252681df9bd553e2221c885ceffaa2c4c7f)
Add missing recommended key lengths to OpenVPN options
Add key lengths to the OpenVPN options, for asymmetric keys of size 3072 (for current use), 7680, 15360 (for long term resistance), 8192 and 16384 (common binary exponents).
These are both supported by OpenVPN anyhow, and for certain uses are currently recommended (eg long term resistance to replay/decryption). See keylength.com for citations....
Added option to System > General Setup > webConfigurator to change the title of the Help menu in the navbar to either the system hostname or fqdn.
(cherry picked from commit 1d12996755ee6fb9b9e163d292bdba160a926e64)
Make QinQ interfaces work again
(cherry picked from commit 1322ee22354f1a6e184819fb7009a2996b63de97)
Allow IGMP Proxy logging verbosity to be selected via system log settings (PR 2901)
(cherry picked from commit 2bd0585e30e5ec8fc3b79ca3f579bf9a7c1bcbc8)
adding privileges and separating DNS Resolver overrides from general settings
(cherry picked from commit fc76a1e390c8ce9579df31457c74d1d0e572b78d)
Force 4096 RSA keys
Add option `-b 4096` to force the keys to 4096-bit.
This parameter is ignored for Ed25519 keys.
(cherry picked from commit 971257cbdf687c79943237b6c2f5e37c596318af)
Harden sshd_config
The changes are better explained in the following article:
https://stribika.github.io/2015/01/04/secure-secure-shell.html(cherry picked from commit dca77360ffe868327d82c20834eceb1079d5823b)
View revisions
Also available in: Atom