SSH DSA logins on crank.

Chris Ball cjb at laptop.org
Mon May 19 11:02:59 EDT 2008


Hi,

I've disabled logins with DSA keys on dev.laptop.org.  Turns out that
while your RSA key is only vulnerable if *created* on a weak Debian or
Ubuntu machine, your DSA key is vulnerable if *used* on Debian/Ubuntu┬╣,
due to DSA having a greater reliance on randomness.

Please mail sysadmin at rt.laptop.org if you were using a DSA key that you
now need to replace.

- Chris.

┬╣:  http://blog.sesse.net/blog/tech/2008-05-14-17-21_some_maths.html
-- 
Chris Ball   <cjb at laptop.org>



More information about the Devel mailing list