Re: OpenSSH: which public keys are required/recommended?

From: Chuck Renner (chuck@dataoncd.com)
Date: 03/27/02


From: Chuck Renner <chuck@dataoncd.com>
Date: Wed, 27 Mar 2002 13:24:49 GMT

Timo Felbinger <Timo.Felbinger@quantum.physik.uni-potsdam.de> wrote in
news:Pine.LNX.4.33.0203271027450.496-100000@uranos.quantum.physik.uni-potsdam.de:

>
> Hello,
>
> OpenSSH (in my case, version 3.1) supports three different types
> of private/public key pairs: rsa1 (protocol 1), rsa and dsa
> (protocol 2). I noticed that:
> 1) sshd refuses to start if no rsa1 host key is found, even if
> I don't need protocol 1, and have disabled it explicitly in
> sshd_config. Why?
> 2) protocol 2 seems to be supported if either one of the
> corresponding key pairs, rsa or dsa, is present. Is there
> any advantage in having both? If not, is there a reason to
> prefer one over the other?
>
> Thanks in advance,
>
> Timo Felbinger
>
>

I may be completely out of line, but I have been told that rsa2 is
preferred, but that it is a patented technology, and has some licensing
restrictions. Supposedly, there have been cases with some dsa keys where
hackers were able to create the private key from the public key. If it
is really important to you, you should investigate it further. I use
rsa2 keys. I must admit, I cannot cite any sources for this information,
and I am only relaying what I can vaguely remember, so I guess you could
call this hearsay.


