SSH DSA logins on crank.
david at lang.hm
david at lang.hm
Wed May 21 17:09:41 EDT 2008
On Wed, 21 May 2008, C. Scott Ananian wrote:
> On 5/21/08, david at lang.hm <david at lang.hm> wrote:
>> one reason would be that DSA is more secure then RSA. If you have a copy
>> of the secret key from one end of the conversation and they are using RSA
>> you can decrypt the communication, with DSA you cannot do so. There are
>> several products on the market that take advantage of this fact and have
>> you load your keys on a seperate box that then intercepts the
>> communication to your webservers and decrypts the traffic (either inline
>> or from a tap). With these products you have to configure your webservers
>> to refuse DSA and only do RSA becouse with DSA they cannot decrypt the
>> traffic.
>
> Documentation, please? I think you've misunderstood something you read.
sorry, I mixed up DSA/RSA keys with DH/RSA encryption.
David Lang
More information about the Devel
mailing list