2008/8/24 Axel Thimm <Axel.Thimm@xxxxxxxxxx>: > On Sat, Aug 23, 2008 at 04:37:13PM -0500, Jeffrey Ollie wrote: >> 2008/8/23 Axel Thimm <Axel.Thimm@xxxxxxxxxx>: >> > On Sat, Aug 23, 2008 at 04:06:07PM -0500, Jeffrey Ollie wrote: >> >> 2008/8/23 Axel Thimm <Axel.Thimm@xxxxxxxxxx>: >> >> > >> >> > I saw that some people are using CVS again, so I tried as well, but I >> >> > got: >> >> > >> >> > athimm@devel(1012):/home/.../smart/devel$ cvs up >> >> > Permission denied (publickey). >> >> > cvs [update aborted]: end of file from server (consult above messages if any) >> >> > >> >> > I have a new FAS password, all certs updated, I even checked the cvs >> >> > procedures for newbies on fpo, but I had no luck. What am I doing >> >> > wrong? >> >> >> >> Did you upload a new SSH public key? >> > >> > It won't let me: >> > >> > Error! >> > >> > The following error(s) have occured with your request: >> > >> > * ssh_key: Error - Not a valid RSA SSH key: ssh-dss ... >> > >> > Have DSA keys now been banned? >> >> Yes. >> >> > Why? >> >> The primary reason is that it's nearly impossible to tell if the key >> was generated on a Debian system with the compromised OpenSSL >> versions. > > That's overreacting. What happens if Gentoo makes a similar mistake > with RSA keys, will we ban them, too? DSA is a decent technology. > No because RSA doesn't leak information into your public key nor does it rely on the 'random' secret key to the same extent. Th >> I've heard rumblings that DSA keys are weaker for other reasons, but >> I've not seen any good explanations. > > Hearsay, your honour! On the contrary, I've heard that DSA gathers at > 1024 bits at least as much entropy as RSA with 2048, and DSA was the > recommended "new" algorithm half a decade ago. Currently RSA and DSA > are equal up. > I take your hearsay, and counter with my hearsay that DSA will be replaced next year with DSA2 which can use 4 bits of entropy and be as secure as 4096 RSA. -- Stephen J Smoogen. -- BSD/GNU/Linux How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice" _______________________________________________ Fedora-infrastructure-list mailing list Fedora-infrastructure-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
