I'm curious if there is any clear cut preference in choosing
RSA or DSA keys.
I believe that DSA is more resistant to current theoretical attacks.
I have been using DSA since this guarantees a connection under protocol version 2.
RSA1 keys are different than RSA2 keys. It doesn't matter if you use "rsa" or "dsa" as your key type; it will only work for ssh2. Only "rsa1" keys work for ssh1.
Also, I seem to recall (but now can't find) that there was some question
about RSA copyright.
It was patents which posed a problem. Those patents are up, and there is no longer a problem.
For my purposes, the main use will be for batch jobs of scp.
If you're security minded, it's more important to tie the key to the job than to pick the right key, I think. For instance, if you want to copy files from one system to another, generate a key on the source, and install the public key on the destination with a "command" option like this:
command="scp -t /var/www/html/index.html" ssh-rsa ......... (on the client, use "scp -i <identity-file> new-index.html \ destination.host:/var/www/html/index.html" )
or:
command="rsync --server -a . /var/www/html/" ssh-rsa ......... (on the client, use "rsync -a -e 'ssh -i <identity-file>' \ /var/www/html/ destination.host:/var/www/html/" )
-- Psyche-list mailing list Psyche-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/psyche-list
