public key authentication

Janina Sajka janina at
Sat Jun 5 21:39:36 EDT 2004

Shane Wegner writes:
> I believe rsa may be more secure.  A few admins I know
> require that rsa keys be used and not dsa.

I'd love to see some specifics about this, but the ssh-keygen man page is quite vague. It says rsa is "protocol version one," and dsa is "protocol version 2."

Now, what does that mean, actually?

> > and just accept the defaults. Do not put in a
> > password--unless you don't mind typing it every time you
> > connect.
> I have to disagree here.  If you don't use key passwords
> and your key(s) are compromised, an attacker can easily
> gain access to machines on which those keys are authorized.
Oh, I suppose. If you live in a high crime area of town you'd be putting bars on your windows and double, or triple-locks on your doors. In other parts of twon a simple, good lock will do. And, in some parts of the planet it's still possible to leave doors unlocked without a problem.

So, suit yourself. Not every machine is an NSA crypto cracker, and not every machine needs to be locked like Fort Knox, imho.

Besides, what are you doing exposing your keys to anyone coming along??

> -- 
> Shane Wegner
> _______________________________________________
> Speakup mailing list
> Speakup at

				Janina Sajka, Director
				Technology Research and Development
				Governmental Relations Group
				American Foundation for the Blind (AFB)

		Chair, Accessibility Workgroup
	Free Standards Group (FSG)

Email: janina at		Phone: (202) 408-8175

More information about the Speakup mailing list