2008/8/23 Axel Thimm Axel.Thimm@atrpms.net:
On Sat, Aug 23, 2008 at 04:06:07PM -0500, Jeffrey Ollie wrote:
2008/8/23 Axel Thimm Axel.Thimm@atrpms.net:
I saw that some people are using CVS again, so I tried as well, but I got:
athimm@devel(1012):/home/.../smart/devel$ cvs up Permission denied (publickey). cvs [update aborted]: end of file from server (consult above messages if any)
I have a new FAS password, all certs updated, I even checked the cvs procedures for newbies on fpo, but I had no luck. What am I doing wrong?
Did you upload a new SSH public key?
It won't let me:
Error!
The following error(s) have occured with your request:
- ssh_key: Error - Not a valid RSA SSH key: ssh-dss ...
Have DSA keys now been banned?
Yes.
Why?
The primary reason is that it's nearly impossible to tell if the key was generated on a Debian system with the compromised OpenSSL versions. I've heard rumblings that DSA keys are weaker for other reasons, but I've not seen any good explanations.
In any case, it's probably a good idea to regenerate your SSH keys every now and then, I know I had been using mine FAR too long.