[ale] Best kind of ssh key

Jeff Lightner jlightner at water.com
Tue Sep 25 13:58:43 EDT 2007


"incite" - Funny - was that intentional? 

I'll have to say that I think it isn't really a good point.  While PuTTY
does run on Windoze it is not built by M$ and any issues it would have
of the nature discussed would be the fault of the folks that wrote it.
However, if you read the OP you see that the PuTTY folks are
specifically stating that they believe their implementation of DSA is
OK.  They're just saying that RSA doesn't have the randomness in the
first place so wouldn't need to rely heavily on "good" implementation of
the package authors.

-----Original Message-----
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Evan Pitstick
Sent: Tuesday, September 25, 2007 1:40 PM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] Best kind of ssh key

excellent point... anymore incite into the question?

On Tue, 2007-09-25 at 13:29 -0400, Jim Popovitch wrote:
> On Tue, 2007-09-25 at 12:37 -0400, Evan Pitstick wrote:
> > I have read a lot of conflicting information about the better ssh key
> > type lately. My understanding before was that DSA was a stronger keytype
> > however, i saw this yesterday on the PUTTY FAQ.
> > 
> > "DSA has a major weakness if badly implemented: it relies on a random
> > number generator to far too great an extent. If the random number
> > generator produces a number an attacker can predict, the DSA private key
> > is exposed - meaning that the attacker can log in as you on all systems
> > that accept that key.
> > 
> > The PuTTY policy changed because the developers were informed of ways to
> > implement DSA which do not suffer nearly as badly from this weakness,
> > and indeed which don't need to rely on random numbers at all. For this
> > reason we now believe PuTTY's DSA implementation is probably OK.
> > However, if you have the choice, we still recommend you use RSA
> > instead."
> > 
> > What do you guys think?
> 
> PuTTY is Windows software... so perhaps that speaks volumes about
> randomness and predictability on Windows systems.
> 
> -Jim P.
> 
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://www.ale.org/mailman/listinfo/ale
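
The FAQ text quoted above mentions DSA implementations that need no random numbers at signing time. As an added illustration (not PuTTY's code and not part of the original thread; a simplification, not the standardized RFC 6979 construction), here is a toy DSA signer that derives the per-signature nonce from the private key and the message with HMAC-SHA256. The parameters and function names are constructed for the example and are far too small for real use.

```python
import hashlib
import hmac

# Constructed toy parameters: Q is prime, P = j*Q + 1 is prime, G has order Q.
Q = 2**127 - 1

def _probably_prime(n):
    # Fermat test with a few bases; adequate for picking a demo modulus only.
    return all(pow(a, n - 1, n) == 1 for a in (2, 3, 5, 7, 11))

P = next(j * Q + 1 for j in range(2, 10**6, 2) if _probably_prime(j * Q + 1))
G = next(g for g in (pow(h, (P - 1) // Q, P) for h in range(2, 100)) if g != 1)

def _h(msg):
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % Q

def derive_nonce(x, msg, counter=0):
    """k depends only on the private key and the message; no RNG is consulted."""
    key = x.to_bytes(16, "big")
    data = hashlib.sha256(msg).digest() + counter.to_bytes(4, "big")
    digest = hmac.new(key, data, hashlib.sha256).digest()
    return int.from_bytes(digest, "big") % (Q - 1) + 1  # always in 1..Q-1

def sign(x, msg):
    counter = 0
    while True:
        k = derive_nonce(x, msg, counter)
        r = pow(G, k, P) % Q
        s = pow(k, -1, Q) * (_h(msg) + x * r) % Q
        if r and s:            # DSA requires r != 0 and s != 0
            return r, s
        counter += 1           # deterministic retry, still no randomness

def verify(y, msg, sig):
    r, s = sig
    if not (0 < r < Q and 0 < s < Q):
        return False
    w = pow(s, -1, Q)
    u1, u2 = _h(msg) * w % Q, r * w % Q
    return pow(G, u1, P) * pow(y, u2, P) % P % Q == r
```

Because the nonce is a keyed function of the message, a weak or predictable system random number generator has no influence on signing, and different messages get unrelated nonces.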
