SSH DSA logins on crank.
Chris Ball
cjb at laptop.org
Wed May 21 10:06:56 EDT 2008
Hi,
> So DSA is a no-go from now until the end of time?
I'm open to debate on that, though many systems have made that decision;
debian.org and freedesktop.org are no longer allowing DSA logins, for
example. (I'm curious to hear reasons for wanting to use DSA keys,
now that the RSA patents have expired.)
> By the way, will remaining and new RSA keys be tested for bad
> randomness?
Yes. We have the openssh-blacklist package installed, which contains
keyhashes of all possible weak keys and disallows logins using them.
- Chris.
--
Chris Ball <cjb at laptop.org>
More information about the Devel
mailing list