RSA versus DSA / Protocol 1 versus Protocol 2
Markus Friedl
markus at openbsd.org
Mon Feb 25 05:35:21 EST 2002
On Sun, Feb 24, 2002 at 11:24:23AM -0700, Bob Proulx wrote:
> I have been searching the archives and confused about some points that
> I am hoping could be cleared up.
>
> RSA versus DSA
>
> I seem to see a lot of messages saying this. That DSA is slow. DSA
> was added only to avoid a patent which is now expired. RSA is the
> preferred authentication method. DSA should be avoided. Which all
> sounds fine to me and I think I agree with that. Assuming this
> applies to both host keys and user keys it seems that you cannot
> disable this for host keys when using Protocol 2.
define 'disable'. you can delete the DSA host key.
> Is that required
> for compatibility or other reason?
the SSH2 'standard' defines:
    The following public key and/or certificate formats are currently defined:
    ssh-dss    REQUIRED     sign   Simple DSS
    ssh-rsa    RECOMMENDED  sign   Simple RSA
There is a large installed base of DSA keys.
> Protocol 1 versus Protocol 2
>
> OpenSSH 3.x defaults to Protocol 2,1. Fine. But ssh-keygen and
> ssh-add default to creating and using rsa1 keys, which means using
> Protocol 1, but using DSA host keys.
in OpenSSH 3.1:
ssh-keygen will no longer have a default key type.
ssh-add will try to add all 3 key types.
-m
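The reply above says that "disabling" DSA for host keys means deleting the DSA host key. The following is an added example, not from the thread or from OpenSSH itself, showing how a defender can audit which host key types an sshd_config loads and produce a copy with the DSA host key dropped. It assumes the conventional file names (ssh_host_key for the rsa1 key, ssh_host_rsa_key, ssh_host_dsa_key) and works on a constructed sample config, so it runs offline without touching a real system.

```shell
#!/bin/sh
# Added example (not part of the thread): audit the host key types an
# sshd_config loads and produce a copy without the DSA host key.
# Assumption: host key files follow the conventional names
# ssh_host_key (rsa1), ssh_host_rsa_key and ssh_host_dsa_key.

# Constructed sample sshd_config, written to a temp file so nothing real is touched.
SAMPLE_CFG=$(mktemp)
cat > "$SAMPLE_CFG" <<'EOF'
# constructed sample sshd_config
Port 22
Protocol 2,1
HostKey /etc/ssh/ssh_host_key
HostKey /etc/ssh/ssh_host_rsa_key
HostKey /etc/ssh/ssh_host_dsa_key
PermitRootLogin no
EOF

# Map a HostKey path to its key type by the conventional file name (assumption).
hostkey_type() {
    case "$1" in
        */ssh_host_dsa_key) echo ssh-dss ;;
        */ssh_host_rsa_key) echo ssh-rsa ;;
        */ssh_host_key)     echo rsa1 ;;
        *)                  echo unknown ;;
    esac
}

# Print the key types loaded by the given sshd_config, one per line,
# in HostKey order; comment lines are skipped because their first field is "#".
hostkey_types() {
    awk '$1 == "HostKey" { print $2 }' "$1" | while read -r path; do
        hostkey_type "$path"
    done
}

# Print the config with every DSA HostKey line removed; all other lines pass through.
# Removing the HostKey line (and the key file it names) is what "deleting the
# DSA host key" amounts to in sshd_config terms.
drop_dsa_hostkey() {
    awk '!($1 == "HostKey" && $2 ~ /ssh_host_dsa_key$/)' "$1"
}

# Return 0 if the config still offers a DSA host key, 1 otherwise.
has_dsa_hostkey() {
    hostkey_types "$1" | grep -q '^ssh-dss$'
}

# Usage: show the before/after view for the sample config.
echo "before: $(hostkey_types "$SAMPLE_CFG" | tr '\n' ' ')"
HARDENED_CFG=$(mktemp)
drop_dsa_hostkey "$SAMPLE_CFG" > "$HARDENED_CFG"
echo "after:  $(hostkey_types "$HARDENED_CFG" | tr '\n' ' ')"
```

Note that dropping the HostKey line only stops sshd from offering the key; the key file itself should also be removed so it cannot be re-enabled by accident, and Protocol 1 clients that relied on the rsa1 host key are unaffected by this change.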