public key authentication
janina at rednote.net
Sat Jun 5 21:39:36 EDT 2004
Shane Wegner writes:
> I believe rsa may be more secure. A few admins I know
> require that rsa keys be used and not dsa.
I'd love to see some specifics about this, but the ssh-keygen man page is quite vague. It says rsa is "protocol version one," and dsa is "protocol version 2."
Now, what does that mean, actually?
> > and just accept the defaults. Do not put in a
> > password--unless you don't mind typing it every time you
> > connect.
> I have to disagree here. If you don't use key passwords
> and your key(s) are compromised, an attacker can easily
> gain access to machines on which those keys are authorized.
Oh, I suppose. If you live in a high crime area of town you'd be putting bars on your windows and double, or triple-locks on your doors. In other parts of twon a simple, good lock will do. And, in some parts of the planet it's still possible to leave doors unlocked without a problem.
So, suit yourself. Not every machine is an NSA crypto cracker, and not every machine needs to be locked like Fort Knox, imho.
Besides, what are you doing exposing your keys to anyone coming along??
> Shane Wegner
> Speakup mailing list
> Speakup at braille.uwo.ca
Janina Sajka, Director
Technology Research and Development
Governmental Relations Group
American Foundation for the Blind (AFB)
Chair, Accessibility Workgroup
Free Standards Group (FSG)
Email: janina at afb.net Phone: (202) 408-8175
More information about the Speakup