[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Advice for key format with Nitrokey Pro 2 (signing, authentication)

On Apr 30, Alberto Luaces <aluaces@udc.es> wrote:

> 1. Authentication: salsa.debian.org only admits RSA or ed25519 for SSH —
> that rules out the ECC types provided by the Pro 2, but I wonder if I
> should go for RSA4096 or if something smaller could be faster on the
> hardware while still being decently secure (RSA3072, for example?).
For SSH (i.e. not a very long term secret) even RSA 2048 is more than 
Do not waste your time with cargo cult security.

> 2. Signing: does Debian commands like dsign or even the archive system
> prevent using certain key types or they are ok as long as gpg creates
> the signature?
Everything should work, as long as they are using a recent enough 
version of gnupg.


Attachment: signature.asc
Description: PGP signature

Reply to: