On Sat, Aug 23, 2008 at 3:37 PM, Jeffrey Ollie <[EMAIL PROTECTED]> wrote: > 2008/8/23 Axel Thimm <[EMAIL PROTECTED]>: >> On Sat, Aug 23, 2008 at 04:06:07PM -0500, Jeffrey Ollie wrote: >>> 2008/8/23 Axel Thimm <[EMAIL PROTECTED]>: >>> > >>> > I saw that some people are using CVS again, so I tried as well, but I >>> > got: >>> > >>> > [EMAIL PROTECTED](1012):/home/.../smart/devel$ cvs up >>> > Permission denied (publickey). >>> > cvs [update aborted]: end of file from server (consult above messages if >>> > any) >>> > >>> > I have a new FAS password, all certs updated, I even checked the cvs >>> > procedures for newbies on fpo, but I had no luck. What am I doing >>> > wrong? >>> >>> Did you upload a new SSH public key? >> >> It won't let me: >> >> Error! >> >> The following error(s) have occured with your request: >> >> * ssh_key: Error - Not a valid RSA SSH key: ssh-dss ... >> >> Have DSA keys now been banned? > > Yes. > >> Why? > > The primary reason is that it's nearly impossible to tell if the key > was generated on a Debian system with the compromised OpenSSL > versions. I've heard rumblings that DSA keys are weaker for other > reasons, but I've not seen any good explanations. >
There are several mathematical weaknesses in DSA keys that were outlined during the OpenSSL problems. I believe the main one is that the DSA signature can give away the private key. -- Stephen J Smoogen. -- BSD/GNU/Linux How far that little candle throws his beams! So shines a good deed in a naughty world. = Shakespeare. "The Merchant of Venice" _______________________________________________ Fedora-infrastructure-list mailing list [email protected] https://www.redhat.com/mailman/listinfo/fedora-infrastructure-list
