Agent forwarding with DSA keys?
Peter Stuge
stuge at cdy.org
Wed Sep 27 01:43:39 EST 2000
On Tue, Sep 26, 2000 at 10:37:38AM +0200, Markus Friedl wrote:
> On Tue, Sep 26, 2000 at 01:26:57AM +0200, Peter Stuge wrote:
> > Ehm, exactly how do I use my DSA key with version 1 of the protocol?
>
> you cannot.
Ok, that's what I thought.
> > > Thanks! OpenSSH rocks, by the way!
> >
> > What rocks most, IMHO, is that it implements SSH-2, which is the only thing
> > I really want to use because last thing I heard/read was that SSH-1 could be
> > hijacked, with some effort.
>
> do you have some _real_ information on this? or is it just FUD?
No real info I'm sure of, no. My suspicion comes from a number of posts to
BUGTRAQ which, if I'm not mistaken, boiled down to that it is possible to
hijack SSH-1 sessions. Anyway, I just generally assume worst case and
prefer SSH-2 when/where at all possible.
> > I generally don't want to risk that so I stick
> > to SSH-2 per default. This might of course be wrong, but I did some
> > research and ended up preferring SSH-2.
> >
> >
> > Also, would anyone know anything about a utility that is able to convert
> > ssh.com private DSA keys into PEM OpenSSL private DSA keys?
>
> ssh.com's format is not documented.
Ok, thx. (To Paul too for his comment.)
//Peter
--
irc: CareBear\ tel: +46-40-914420
irl: Peter Stuge gsm: +46-705-783805
More information about the openssh-unix-dev
mailing list