author Nick Thomas <nick@gitlab.com> 2017-08-28 21:33:35 +0100
committer Nick Thomas <nick@gitlab.com> 2017-08-30 20:50:44 +0100
commit b84ca08e351fc9238bef4e6b4bf74158d25d4f1d
tree e7ec9704ec449b547b6193c5e0ba771a5aae62c2 /doc/security
parent 6847060266792471c9c14518a5106e0f622cd6c5
Address review comments
Diffstat (limited to 'doc/security')
-rw-r--r-- doc/security/README.md 2
-rw-r--r-- doc/security/ssh_keys_restrictions.md 7
2 files changed, 5 insertions, 4 deletions
diff --git a/doc/security/README.md b/doc/security/README.md
index 1f54948d113..0fea6be8b55 100644
--- a/doc/security/README.md
+++ b/doc/security/README.md
@@ -1,7 +1,7 @@
# Security
- [Password length limits](password_length_limits.md)
-- [Restrict allowed SSH key technologies and minimum length](ssh_keys_restrictions.md)
+- [Restrict SSH key technologies and minimum length](ssh_keys_restrictions.md)
- [Rack attack](rack_attack.md)
- [Webhooks and insecure internal web services](webhooks.md)
- [Information exclusivity](information_exclusivity.md)
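Review bot: The shortened link text on the added line "Restrict SSH key technologies and minimum length" may no longer match the heading of the page it points to, because the only hunk for ssh_keys_restrictions.md in this commit starts at line 2 and leaves the title line untouched. Please confirm the page heading reads the same as this index entry, or update it in the same commit so the two do not drift apart.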
diff --git a/doc/security/ssh_keys_restrictions.md b/doc/security/ssh_keys_restrictions.md
index 32ca7dacab3..213fa5bfef5 100644
--- a/doc/security/ssh_keys_restrictions.md
+++ b/doc/security/ssh_keys_restrictions.md
@@ -2,12 +2,13 @@
`ssh-keygen` allows users to create RSA keys with as few as 768 bits, which
falls well below recommendations from certain standards groups (such as the US
-NIST). Some organizations deploying Gitlab will need to enforce minimum key
+NIST). Some organizations deploying GitLab will need to enforce minimum key
strength, either to satisfy internal security policy or for regulatory
compliance.
-Similarly, certain standards groups recommend using RSA or ECDSA over the older
-DSA and administrators may need to limit the allowed SSH key algorithms.
+Similarly, certain standards groups recommend using RSA, ECDSA, or ED25519 over
+the older DSA, and administrators may need to limit the allowed SSH key
+algorithms.
GitLab allows you to restrict the allowed SSH key technology as well as specify
the minimum key length for each technology.
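Review bot: The added sentence "certain standards groups recommend using RSA, ECDSA, or ED25519 over the older DSA" now attributes an ED25519 recommendation to unnamed standards groups, while the first paragraph names NIST for the key-length point. Either name or link the source that covers all three algorithms, or reword so the sentence only says DSA is the one being discouraged. Minor style point on the same line: the algorithm is normally written "Ed25519", so consider that spelling in prose and reserve the all-caps form for setting names if the UI uses it.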