SSH DSA logins on crank.
bernie at codewiz.org
Mon May 19 22:08:06 EDT 2008
Chris Ball wrote:
> I've disabled logins with DSA keys on dev.laptop.org. Turns out that
> while your RSA key is only vulnerable if *created* on a weak Debian or
> Ubuntu machine, your DSA key is vulnerable if *used* on Debian/Ubuntu¹,
> due to DSA having a greater reliance on randomness.
Hopefully this doesn't mean that the _private_ DSA key can be
compromised if the _public_ key was copied on a Debian/Ubuntu machine.
If something like this was even possible, as it would make the whole
asymmetrical key scheme rather useless :-)
Copying a private key on multiple machines always has been very
poor security practice anyway.
_| X | Bernie Innocenti - http://www.codewiz.org/
\|_O_| "It's an education project, not a laptop project!"
More information about the Devel