From 43d49fafa454bddd9ba20b6e6628c5472376fd18 Mon Sep 17 00:00:00 2001
From: naddy <>
Date: Thu, 11 Dec 2008 15:44:00 +0000
Subject: [PATCH] Bump size of isakmpd RSA host key up to 2048 bits to match
 the SSH2-RSA size; ok hshoexer@, no objection from miod@

---
 src/etc/rc | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/etc/rc b/src/etc/rc
index a6c4ed71..8ea3d689 100644
--- a/src/etc/rc
+++ b/src/etc/rc
@@ -1,4 +1,4 @@
-#	$OpenBSD: rc,v 1.320 2008/11/27 00:52:06 uwe Exp $
+#	$OpenBSD: rc,v 1.321 2008/12/11 15:44:00 naddy Exp $
 
 # System startup script run by init on autoboot
 # or after single-user.
@@ -594,7 +594,7 @@ fi
 
 if [ ! -f /etc/isakmpd/private/local.key ]; then
 	echo -n "openssl: generating new isakmpd RSA key... "
-	if /usr/sbin/openssl genrsa -out /etc/isakmpd/private/local.key 1024 \
+	if /usr/sbin/openssl genrsa -out /etc/isakmpd/private/local.key 2048 \
 	    > /dev/null 2>&1; then
 		chmod 600 /etc/isakmpd/private/local.key
 		openssl rsa -out /etc/isakmpd/local.pub \