2008/8/24 Axel Thimm Axel.Thimm@atrpms.net:
On Sat, Aug 23, 2008 at 04:37:13PM -0500, Jeffrey Ollie wrote:
2008/8/23 Axel Thimm Axel.Thimm@atrpms.net:
On Sat, Aug 23, 2008 at 04:06:07PM -0500, Jeffrey Ollie wrote:
2008/8/23 Axel Thimm Axel.Thimm@atrpms.net:
I saw that some people are using CVS again, so I tried as well, but I got:
athimm@devel(1012):/home/.../smart/devel$ cvs up Permission denied (publickey). cvs [update aborted]: end of file from server (consult above messages if any)
I have a new FAS password, all certs updated, I even checked the cvs procedures for newbies on fpo, but I had no luck. What am I doing wrong?
Did you upload a new SSH public key?
It won't let me:
Error!
The following error(s) have occured with your request:
- ssh_key: Error - Not a valid RSA SSH key: ssh-dss ...
Have DSA keys now been banned?
Yes.
Why?
The primary reason is that it's nearly impossible to tell if the key was generated on a Debian system with the compromised OpenSSL versions.
That's overreacting. What happens if Gentoo makes a similar mistake with RSA keys, will we ban them, too? DSA is a decent technology.
No because RSA doesn't leak information into your public key nor does it rely on the 'random' secret key to the same extent. Th
I've heard rumblings that DSA keys are weaker for other reasons, but I've not seen any good explanations.
Hearsay, your honour! On the contrary, I've heard that DSA gathers at 1024 bits at least as much entropy as RSA with 2048, and DSA was the recommended "new" algorithm half a decade ago. Currently RSA and DSA are equal up.
I take your hearsay, and counter with my hearsay that DSA will be replaced next year with DSA2 which can use 4 bits of entropy and be as secure as 4096 RSA.