SSH DSA logins on crank.
Chris Ball
cjb at laptop.org
Mon May 19 11:02:59 EDT 2008
Hi,
I've disabled logins with DSA keys on dev.laptop.org. Turns out that
while your RSA key is only vulnerable if *created* on a weak Debian or
Ubuntu machine, your DSA key is vulnerable if *used* on Debian/Ubuntu¹,
due to DSA having a greater reliance on randomness.
Please mail sysadmin at rt.laptop.org if you were using a DSA key that you
now need to replace.
- Chris.
¹: http://blog.sesse.net/blog/tech/2008-05-14-17-21_some_maths.html
--
Chris Ball <cjb at laptop.org>
More information about the Devel
mailing list