[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Buster SSH

Greg Wooledge <wooledg@eeg.ccf.org> wrote:
> On Tue, Sep 12, 2017 at 05:45:13PM +0000, Glenn English wrote:

>> Bingo! User has dsa keys. Root has dsa and rsa keys.
>> 
>> Thanks. Now all I have to do is figure out what I did so many years
>> ago to generate the dsas :-)

> You probably did ssh-keygen -t dsa.

> There was a period of time, about 20 years ago, when DSA keys were
> being promoted due to the RSA patent, which expired in 2000 in the US.
> More recently, it has been learned that the DSA keys are "weak"
> (citation needed), and so the recommendations have shifted.

The core problem (as I understand it) of most DSA implementations is it
depends on a perfect (P)RNG during operation. If your RNG is weak, an
attacker could compute your private key just from observing your traffic
(which the NSA for example does, as it has been proven).

RSA on the other hand "only" needs a strong RNG during key creation but
not during operation.

Grüße,
Sven.

-- 
Sigmentation fault. Core dumped.
Reply to: