diff --git a/src/bind_config.c b/src/bind_config.c
index cf5f34cb..f3b91e04 100644
--- a/src/bind_config.c
+++ b/src/bind_config.c
@@ -602,8 +602,9 @@ ssh_bind_config_parse_line(ssh_bind bind,
         break;
     case BIND_CFG_REQUIRED_RSA_SIZE:
         l = ssh_config_get_long(&s, -1);
-        if (l >= 0 && (*parser_flags & PARSING)) {
-            rc = ssh_bind_options_set(bind, SSH_BIND_OPTIONS_RSA_MIN_SIZE, &l);
+        if (l >= 0 && l <= INT_MAX && (*parser_flags & PARSING)) {
+            int i = (int)l;
+            rc = ssh_bind_options_set(bind, SSH_BIND_OPTIONS_RSA_MIN_SIZE, &i);
             if (rc != 0) {
                 SSH_LOG(SSH_LOG_TRACE,
                         "line %d: Failed to set RequiredRSASize value '%ld'",
diff --git a/src/config.c b/src/config.c
index 9a482358..dae84b58 100644
--- a/src/config.c
+++ b/src/config.c
@@ -1575,9 +1575,10 @@ static int ssh_config_parse_line_internal(ssh_session session,
         break;
     case SOC_REQUIRED_RSA_SIZE:
         l = ssh_config_get_long(&s, -1);
-        CHECK_COND_OR_FAIL(l < 0, "Invalid argument");
+        CHECK_COND_OR_FAIL(l < 0 || l > INT_MAX, "Invalid argument");
         if (*parsing) {
-            ssh_options_set(session, SSH_OPTIONS_RSA_MIN_SIZE, &l);
+            i = (int)l;
+            ssh_options_set(session, SSH_OPTIONS_RSA_MIN_SIZE, &i);
         }
         break;
     case SOC_ADDRESSFAMILY: