On Mon, Nov 25, 2002 at 08:32:22AM -0000, Max Bowsher wrote: > Corinna Vinschen <[EMAIL PROTECTED]> wrote: > > ssh-keygen -t rsa > > > > creates an RSA key for SSH2. This is preferable over RSA1 and DSA > > keys due to security flaws in both. > > Aha. That's what I wanted to know. Are there any links you know of for > further info on this?
The SSH1's vulnerability is protocol immanent, described in detail here: http://www.corest.com/common/showdoc.php?idx=131&idxseccion=10 The DSA key vulnerability is described in the openssh source archive, file WARNING.RNG but it's so short, I can quote it here: A particularly pernicious problem arises with DSA keys (used by the ssh2 protocol). Performing a DSA signature (which is required for authentication), entails the use of a 160 bit random number. If an attacker can predict this number, then they can deduce your *private* key and impersonate you or your hosts. Corinna -- Corinna Vinschen Please, send mails regarding Cygwin to Cygwin Developer mailto:[EMAIL PROTECTED] Red Hat, Inc.