[Bug 3253] ssh-keygen man page still lists deprecated key types for -t
bugzilla-daemon at mindrot.org
bugzilla-daemon at mindrot.org
Mon Jul 17 13:29:16 AEST 2023
https://bugzilla.mindrot.org/show_bug.cgi?id=3253
Seff <ajdkgmfr at duck.com> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |ajdkgmfr at duck.com
--- Comment #4 from Seff <ajdkgmfr at duck.com> ---
I came to this report after being misled by the manual page of
ssh-keygen. It would have saved me a lot of time if it was written
somewhere that DSA was disabled by OpenSSH. This manual page even lists
dsa first, leading to believe it is a preferred choice.
-t dsa | ecdsa | ecdsa-sk | ed25519 | ed25519-sk | rsa
Specifies the type of key to create. The possible values are “dsa”,
“ecdsa”, “ecdsa-sk”, “ed25519”, “ed25519-sk”, or “rsa”.
After using the first option, dsa, I was left trying to figure out why
it was still asking the password. After all, ssh doesn't warn of the
disabled algorithm either.
It would be good the warn the user of this change at some point in the
process of setting up a new public key authentication.
--
You are receiving this mail because:
You are watching someone on the CC list of the bug.
You are watching the assignee of the bug.
More information about the openssh-bugs
mailing list