Good day all.
I am trying to better my understanding of SSHv2 security with RSA authentication. My question is this:
If an SSH server has a 2048-bit public key, is there any added security with also using a 4096-bit key when clients access from "dangerous" remote locations?
Clearly if the intruder intercepts traffic the brute-force attack would be made vs 2048-bit key rather than 4096 bit key, so the question then becomes: if client connect to a server with a 4096 bit key through a hostile network, would the 2048 bit public key of the server still be visible/retrievable by hostile network admin or is only 4096 bit key is visible? When a client attempts connection to the server, does the server automatically advertise all of it's public keys, hence having a 2048 bit public key on a server essentially nullifies any benefit of also having longer public keys on that server?
Thanks ahead
I am trying to better my understanding of SSHv2 security with RSA authentication. My question is this:
If an SSH server has a 2048-bit public key, is there any added security with also using a 4096-bit key when clients access from "dangerous" remote locations?
Clearly if the intruder intercepts traffic the brute-force attack would be made vs 2048-bit key rather than 4096 bit key, so the question then becomes: if client connect to a server with a 4096 bit key through a hostile network, would the 2048 bit public key of the server still be visible/retrievable by hostile network admin or is only 4096 bit key is visible? When a client attempts connection to the server, does the server automatically advertise all of it's public keys, hence having a 2048 bit public key on a server essentially nullifies any benefit of also having longer public keys on that server?
Thanks ahead