Re: Multiple keys in .ssh/authorized_keys file?

From: Darren Tucker (dtucker_at_gate.dodgy.net.au)
Date: 04/21/05


Date: 21 Apr 2005 21:52:29 GMT

On 2005-04-21, Keith Thompson <kst-u@mib.org> wrote:
> I generally include several keys in my $HOME/.ssh/authorized_keys
> file (on systems using OpenSSH). Is this really necessary or useful?

It's not necessary but may be useful depending on your configuration.

> The last one is useful if I need to use protocol 1. Can I safely
> delete it if I know the server and whatever client I might use support
> protocol 2?

Yes, provided you have your ssh2 private keys on the nodes you expect to
connect from.

> The DSA and RSA keys are both used with protocol 2. Is there any
> advantage in having both? If I use just one, is there any good reason
> to use DSA rather than RSA, or vice versa?

Not really. DSA is mandatory in the spec while RSA is recommended.
DSA keys are larger for a given size and take longer to generate but
they're faster to use. RSA keys are smaller and faster to generate
but relatively slower to use.

The PuTTY guys say that DSA is weaker *if implemented badly* (I don't
know the details but I don't doubt it), however I suspect (hope :-) that
isn't an issue for modern implementations.

> Are there clients or servers that support one but not the other?

Yes, older ssh.com servers (2.x and below I think) support only DSA and
not RSA. There may be others.

-- 
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4  37C9 C982 80C7 8FF4 FA69
    Good judgement comes with experience. Unfortunately, the experience
    usually comes from bad judgement.
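
An added example, not part of the original post: a small inventory of an authorized_keys file that reports each entry as protocol 1 RSA, ssh-dss or ssh-rsa with its key size, which is the information needed before pruning entries as discussed above. It assumes the line layout documented in sshd(8); the function names and the sample key material are constructed for illustration.

```python
import base64

def _fields(blob):
    """Split an SSH wire-format blob into its length-prefixed fields."""
    out = []
    while len(blob) >= 4:
        n = int.from_bytes(blob[:4], "big")
        out.append(blob[4:4 + n])
        blob = blob[4 + n:]
    return out

def _skip_options(line):
    """Drop a leading options field; it has no spaces outside double quotes."""
    quoted = False
    for i, ch in enumerate(line):
        if ch == '"' and line[i - 1:i] != "\\":
            quoted = not quoted
        elif ch.isspace() and not quoted:
            return line[i:]
    return ""

def classify(line):
    """Return (kind, bits) for one authorized_keys line, None for blank/comment."""
    tok = line.split()
    if not tok or tok[0].startswith("#"):
        return None
    if not (tok[0].isdigit() or tok[0].startswith("ssh-")):
        tok = _skip_options(line.strip()).split()   # first field was options
    if len(tok) >= 3 and all(t.isdigit() for t in tok[:3]):
        return ("rsa1", int(tok[0]))        # protocol 1: bits exponent modulus
    if len(tok) >= 2 and tok[0] in ("ssh-rsa", "ssh-dss"):
        f = _fields(base64.b64decode(tok[1]))
        if len(f) < 3 or f[0] != tok[0].encode():
            return ("malformed", 0)         # label disagrees with the blob
        num = f[2] if tok[0] == "ssh-rsa" else f[1]   # n for RSA, p for DSA
        return (tok[0], int.from_bytes(num, "big").bit_length())
    return ("unknown", 0)

def audit(text):
    return [r for r in map(classify, text.splitlines()) if r]

def sample():  # constructed sample file; filler numbers, not real keys
    enc = lambda *f: base64.b64encode(
        b"".join(len(x).to_bytes(4, "big") + x for x in f)).decode()
    big = b"\x00" + b"\xc5" * 128           # 1024-bit filler mpint
    return ("1024 35 1234567890123 user@old-client\n"
            'from="10.0.0.*",command="echo hi" ssh-dss '
            + enc(b"ssh-dss", big, b"\x00" + b"\x9d" * 20, big, big) + " backup\n"
            "ssh-rsa " + enc(b"ssh-rsa", b"#", big) + " user@laptop\n")
```

Running `audit(open(path).read())` on a real file gives one tuple per key entry; an entry reported as `rsa1` is only usable with protocol 1.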

