+ * For RHEL-7/CentOS-7 Dovecot set in /etc/pki/dovecot/dovecot-openssl.cnf:
+
+ [source,shell]
+ ----
+ [ req ]
+ default_bits = 2048
+ ----
+
* The most secure method is to use Elliptic Curve Digital Signature Algorithm (ECDSA) to generate new ssh keys, as the methods above override Fedora 33 new crypto polices rendering your system vulnerable.