I disagree, sorry. Other people have already pointed out a number of reasons. You mention that RSA needs a larger key size, but note that ssh-keygen already defaults to 2048-bit RSA keys.
The main reason why DSA used to be preferred by many people was that the RSA algorithm was subject to patents. Those patents have since expired. If you think you can make a solid cryptographic argument that DSA should be the default, then you should make that argument on openssh-unix-dev (see http://www.openssh.org/list.html) rather than here. I don't feel that your argument is solid based on what I've seen, so I would rather not be in the position of forwarding it myself. A number of the links you posted refer to performance considerations. I rather doubt that this is or should be considered relevant for SSH keys. ** Changed in: openssh (Ubuntu) Status: New => Won't Fix -- ssh-keygen should default to dsa not rsa https://bugs.launchpad.net/bugs/237391 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
