RSA versus DSA / Protocol 1 versus Protocol 2

Kevin Steves stevesk at
Mon Feb 25 07:53:39 EST 2002

On Sun, 24 Feb 2002, Bob Proulx wrote:
:> define 'disable'. you can delete the DSA host key.
:Negative on being able to delete the DSA host key.  If you either
:remove the dsa host key or remove the 'HostKey /etc/ssh_host_dsa_key'
:line from the /etc/sshd_config file then sshd will never again speak
:Protocol 2.  It says this:
:  Protocol major versions differ: 2 vs. 1
:Apparently having the line 'HostKey /etc/ssh_host_rsa_key' is not
:sufficient to support Protocol 2 connections.  Protocol 1 connections
:continue operating fine in either case.

that should work.  sshd -d would be useful.

[root at jenny openssh]# ./sshd -d -p24
debug1: sshd version OpenSSH_3.0.2p1
debug1: private host key: #0 type 0 RSA1
debug1: read PEM private key done: type RSA
debug1: private host key: #1 type 1 RSA
debug1: Bind to port 24 on
Server listening on port 24.
Generating 768 bit RSA key.
RSA key generation complete.

More information about the openssh-unix-dev mailing list