[gentoo-user] [OT] RSA Vs DSA keys for SSH authentication
Hi All, I have looked around and have found confusing info regarding which is a better key cipher to use for ssh authentication. Some say that RSA is widely considered more secure than DSA. Some say that it doesn't really matter, as long as you use a large enough bits setting in creating your key. RSA takes longer to create but it takes less time to authenticate on the server and DSA is the other way around. Not sure what to believe and I'd rather not be guessing which one is best What is the recommended/'best practice' approach on creating ssh keys for Gentoo users and why? -- Regards, Mick pgp57yxBjzsw2.pgp Description: PGP signature
Re: [gentoo-user] [OT] RSA Vs DSA keys for SSH authentication
On Monday 09 October 2006 09:07, Mick [EMAIL PROTECTED] wrote about '[gentoo-user] [OT] RSA Vs DSA keys for SSH authentication': Some say that RSA is widely considered more secure than DSA. DSA is mathematically stronger than RSA. However, that doesn't mean much since most attacks don't come from attacking the core of the algorithm anyway. -- If there's one thing we've established over the years, it's that the vast majority of our users don't have the slightest clue what's best for them in terms of package stability. -- Gentoo Developer Ciaran McCreesh pgpBSOqTuAbVR.pgp Description: PGP signature
Re: [gentoo-user] [OT] RSA Vs DSA keys for SSH authentication
On Monday 09 October 2006 22:48, Boyd Stephen Smith Jr. wrote: On Monday 09 October 2006 09:07, Mick [EMAIL PROTECTED] wrote about '[gentoo-user] [OT] RSA Vs DSA keys for SSH authentication': Some say that RSA is widely considered more secure than DSA. DSA is mathematically stronger than RSA. However, that doesn't mean much since most attacks don't come from attacking the core of the algorithm anyway. Do you mean that an RSA key with twice the number of bits (e.g. 2048 or even higher) is still weaker (i.e. easier to crack) than the DSA key? I know it's all psychological, but in my paranoid state it'll make me feel better . . . :)) -- Regards, Mick pgp2e0LBG0Byn.pgp Description: PGP signature
Re: [gentoo-user] [OT] RSA Vs DSA keys for SSH authentication
DSA is mathematically stronger than RSA. However, that doesn't mean much since most attacks don't come from attacking the core of the algorithm anyway. Do you mean that an RSA key with twice the number of bits (e.g. 2048 or even higher) is still weaker (i.e. easier to crack) than the DSA key? I know it's all psychological, but in my paranoid state it'll make me feel better . . . :)) I think what he means is that for a given key length, 1024bits in this case, the DSA key is, mathematically speaking, a stronger key. RSA has the advantage of allowing longer key lengths which makes RSA a stronger key, if you use 1024bits key length. But as he also pointed out, most hackers try to find other areas of weakness to exploit so the key strength becomes moot in that case. -Andrew Kay -- gentoo-user@gentoo.org mailing list
Re: [gentoo-user] [OT] RSA Vs DSA keys for SSH authentication
On Monday 09 October 2006 17:51, Drew [EMAIL PROTECTED] wrote about 'Re: [gentoo-user] [OT] RSA Vs DSA keys for SSH authentication': RSA has the advantage of allowing longer key lengths From what I understand, the DSA algorithm has no particular ties to the 1024-bit key length (implementations should be easy to modify for a different length) but there are no protocols that support using other key lengths with DSA as part of their standard. -- If there's one thing we've established over the years, it's that the vast majority of our users don't have the slightest clue what's best for them in terms of package stability. -- Gentoo Developer Ciaran McCreesh pgp6NS8D69aAS.pgp Description: PGP signature