As gilles says DSA is risky because if you make signatures (and using your key with a ssh client to log in is effectively making signatures) on a box with a bad RNG your key can be compromised. AIUI this made Debian basically abandon DSA for keys used on their infrastructure in light of the Debian OpenSSL random number generator fiasco.

ECDSA is relatively new, from some quick searching it seems it was introduced in 5.7. ECDSA has advantages in that a key can be much smaller than a RSA or DSA key for the same level of (presumed) security. Unfortunately it shares the disadvantage of DSA of being sensitive to bad random number generators. There are also concerns that the elliptic curves traditionally used may have been backdoored.

ED25519 is an even newer option, introduced by openssh 6.5. It is a variant of the ECDSA algorithm but it solves the random number generator problem and uses a "nothing up my sleeve" curve. It will probably be the best option in the long term but right now there are still supported systems out there that don't have sufficiently new openssh. For example, Debian squeeze and ubuntu lucid. Afaict most of these systems are out of support and should probably be migrated but we all know that doesn't happen sometimes.

So IMO that makes RSA (with a 2048 or 4096 bit key depending on how paranoid you are) still the most reasonable choice for general use. Not for security reasons, but for compatibility reasons.

Edit: update to current situation as of March 2017.

As of OpenSSH 7.0, SSH no longer supports DSA keys by default. As the release notes for OpenSSH 7.0 say, "Support for ssh-dss host and user keys is disabled by default at run-time". Therefore, using DSA keys (ssh-dss) is just going to cause headaches.

ECDSA keys could be better, but sadly, ECDSA keys can also cause compatibility headaches on some platforms. On Fedora, gnome-keyring-daemon doesn't automatically pick up ECDSA SSH keys, so you won't be automatically prompted for a password to unlock your SSH key when you try to use it on Fedora.

RSA keys are completely free of these compatibility headaches. They're the most widely used, and so seem to be the best supported.
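As an added example (not part of the answer above, and not code from OpenSSH or Debian), the following Python script audits the key types the answer discusses: it decodes the wire-format blob of each `id_*.pub` / `authorized_keys` line, reports the key type and size, flags `ssh-dss` keys (disabled by default since OpenSSH 7.0, as the edit notes) and undersized RSA keys, and makes the size difference visible (an ed25519 public key is 32 bytes, an RSA modulus of the recommended size is 256). The 2048-bit RSA threshold, the function names and the verdict wording are my assumptions; the sample key lines are constructed at the bottom of the block with synthetic blobs that have correct framing and sizes but are not real keys.

```python
import base64
import struct

# Audit policy for this example (my assumptions, not stated in the post):
# ssh-dss is flagged because OpenSSH 7.0 disables it by default, and RSA below
# MIN_RSA_BITS is flagged as too small.
MIN_RSA_BITS = 2048


def _read_string(blob, offset):
    """Read one SSH wire-format string (uint32 big-endian length + bytes)."""
    if offset + 4 > len(blob):
        raise ValueError("truncated key blob")
    (length,) = struct.unpack(">I", blob[offset:offset + 4])
    start, end = offset + 4, offset + 4 + length
    if end > len(blob):
        raise ValueError("truncated key blob")
    return blob[start:end], end


def parse_ssh_pubkey(line):
    """Parse an id_*.pub / authorized_keys line into (key_type, size_bits, comment).

    Lines carrying authorized_keys options before the key type are not handled here.
    """
    parts = line.split()
    if len(parts) < 2:
        raise ValueError("not a public key line")
    key_type, comment = parts[0], " ".join(parts[2:])
    blob = base64.b64decode(parts[1], validate=True)
    wire_type, off = _read_string(blob, 0)
    if wire_type != key_type.encode():
        raise ValueError("key type inside blob does not match the prefix")
    if key_type == "ssh-rsa":                    # fields: mpint e, mpint n
        _e, off = _read_string(blob, off)
        n, off = _read_string(blob, off)
        bits = int.from_bytes(n, "big").bit_length()
    elif key_type == "ssh-dss":                  # fields: mpint p, q, g, y
        p, off = _read_string(blob, off)
        bits = int.from_bytes(p, "big").bit_length()
    elif key_type.startswith("ecdsa-sha2-"):     # fields: string curve, string point
        curve, off = _read_string(blob, off)
        name = curve.decode()
        if not name.startswith("nistp"):
            raise ValueError(f"unknown curve {name}")
        bits = int(name[len("nistp"):])
    elif key_type == "ssh-ed25519":              # field: string 32-byte public key
        pk, off = _read_string(blob, off)
        if len(pk) != 32:
            raise ValueError("malformed ed25519 key")
        bits = 256
    else:
        raise ValueError(f"unsupported key type {key_type}")
    return key_type, bits, comment


def verdict_for(key_type, bits):
    """Map a parsed key to a short audit verdict (wording is this example's choice)."""
    if key_type == "ssh-dss":
        return "replace: ssh-dss disabled by default since OpenSSH 7.0"
    if key_type == "ssh-rsa":
        return "ok" if bits >= MIN_RSA_BITS else f"replace: RSA {bits} bits < {MIN_RSA_BITS}"
    if key_type == "ssh-ed25519":
        return "ok (needs OpenSSH 6.5+ on both ends)"
    return "ok (check client/agent support for ECDSA on your platforms)"


def audit_authorized_keys(text):
    """Return [(key_type, bits, comment, verdict)] for every key line in text."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        key_type, bits, comment = parse_ssh_pubkey(line)
        findings.append((key_type, bits, comment, verdict_for(key_type, bits)))
    return findings


# --- constructed sample input: synthetic blobs with correct framing, not real keys ---

def _string(b):
    return struct.pack(">I", len(b)) + b


def _mpint(n):
    # One spare byte keeps the sign bit clear, as the SSH mpint encoding requires.
    return _string(n.to_bytes((n.bit_length() + 8) // 8, "big"))


def make_pubkey_line(key_type, *fields, comment="constructed"):
    """Encode fields (int -> mpint, bytes -> string) into a public key line."""
    blob = _string(key_type.encode())
    for f in fields:
        blob += _mpint(f) if isinstance(f, int) else _string(f)
    return f"{key_type} {base64.b64encode(blob).decode()} {comment}"


SAMPLE_AUTHORIZED_KEYS = "\n".join([
    "# constructed test data",
    make_pubkey_line("ssh-rsa", 65537, (1 << 2047) | 1, comment="rsa2048"),
    make_pubkey_line("ssh-rsa", 65537, (1 << 1023) | 1, comment="rsa1024"),
    make_pubkey_line("ssh-dss", (1 << 1023) | 1, (1 << 159) | 1, 2, 3, comment="dsa"),
    make_pubkey_line("ecdsa-sha2-nistp256", b"nistp256", b"\x04" + b"\x01" * 64, comment="ecdsa"),
    make_pubkey_line("ssh-ed25519", b"\x02" * 32, comment="ed25519"),
])

if __name__ == "__main__":
    for key_type, bits, comment, verdict in audit_authorized_keys(SAMPLE_AUTHORIZED_KEYS):
        print(f"{key_type:22} {bits:5} {comment:10} {verdict}")
```

Run it against a real `~/.ssh/authorized_keys` by passing the file contents to `audit_authorized_keys`; the parser checks that the type name inside the base64 blob matches the line prefix, so a mislabelled or truncated entry raises instead of being silently accepted.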