SSH DSA logins on crank.

Bernie Innocenti bernie at
Mon May 19 22:08:06 EDT 2008

Chris Ball wrote:
> I've disabled logins with DSA keys on  Turns out that
> while your RSA key is only vulnerable if *created* on a weak Debian or
> Ubuntu machine, your DSA key is vulnerable if *used* on Debian/UbuntuĀ¹,
> due to DSA having a greater reliance on randomness.

Hopefully this doesn't mean that the _private_ DSA key can be
compromised if the _public_ key was copied on a Debian/Ubuntu machine.
If something like this was even possible, as it would make the whole
asymmetrical key scheme rather useless :-)

Copying a private key on multiple machines always has been very
poor security practice anyway.

  _| X |  Bernie Innocenti -
  \|_O_|  "It's an education project, not a laptop project!"

More information about the Devel mailing list