New snapshot

Gert Doering gert at greenie.muc.de
Wed Nov 15 07:49:41 EST 2000


Hi,

On Tue, Nov 14, 2000 at 12:15:04PM +1100, Damien Miller wrote:
> The new RSA authentications works similar to the current SSH2 DSA keys,
> but requires a little modification to config files. Currently RSA 
> key cannot be shared between SSH1 and SSH2.

Maybe I'm just a bit slow, maybe I just don't understand enough crypto
stuff.

What is this good for?  We now have *three* different sorts of host keys.
It most certainly confuses me, and I've worked with SSH for a long time
now, so I'm sure it will confuse the hell out of "ordinary users".

I can somewhat understand the RSA/DSA issue (RSA patent?) but having a
third key, RSA again but incompatible to ssh1 makes this really confusing.


Now if someone would stand up and say "oh, it's very easy, 2.4.0 will drop
DSA keys (except for compatibility to ssh.com) and RSA 1 will be the same 
as RSA 2", I will be the first to shout "hooray!"... :-)

gert

-- 
USENET is *not* the non-clickable part of WWW!
                                                           //www.muc.de/~gert/
Gert Doering - Munich, Germany                             gert at greenie.muc.de
fax: +49-89-35655025                        gert.doering at physik.tu-muenchen.de





More information about the openssh-unix-dev mailing list