[Bug 237391] Re: ssh-keygen should default to dsa not rsa
Note also that there is already some commentary on key sizes in the ssh-keygen manual page:

    For RSA keys, the minimum size is 768 bits and the default is 2048 bits.
    Generally, 2048 bits is considered sufficient. DSA keys must be exactly
    1024 bits as specified by FIPS 186-2.

-- 
ssh-keygen should default to dsa not rsa
https://bugs.launchpad.net/bugs/237391
You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openssh in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 237391] Re: ssh-keygen should default to dsa not rsa
Neal said:

> I agree that using a longer default key length in RSA (and in DSA also) is a good idea at this point.

I agree on RSA, but note that keys longer than 1024 bits are not permitted by the DSS. From past conversations with people who have better Real Cryptographer credentials than I, I understand that this is because there are other avenues of attack that do not scale with key size (at least not in the same way), so there's little point in longer keys.
[Bug 237391] Re: ssh-keygen should default to dsa not rsa
I disagree, sorry. Other people have already pointed out a number of reasons.

You mention that RSA needs a larger key size, but note that ssh-keygen already defaults to 2048-bit RSA keys.

The main reason why DSA used to be preferred by many people was that the RSA algorithm was subject to patents. Those patents have since expired.

If you think you can make a solid cryptographic argument that DSA should be the default, then you should make that argument on openssh-unix-dev (see http://www.openssh.org/list.html) rather than here. I don't feel that your argument is solid based on what I've seen, so I would rather not be in the position of forwarding it myself.

A number of the links you posted refer to performance considerations. I rather doubt that this is or should be considered relevant for SSH keys.

** Changed in: openssh (Ubuntu)
       Status: New => Won't Fix
[Bug 237391] Re: ssh-keygen should default to dsa not rsa
Confirmed. I think this would be a good change.

:-Dustin

** Changed in: openssh (Ubuntu)
       Status: New => Confirmed
[Bug 237391] Re: ssh-keygen should default to dsa not rsa
Sorry, what am I thinking ... I misread the bug report title. I prefer RSA keys to DSA keys.

An interesting analysis lies in this thread:
 * http://www.linuxforums.org/forum/linux-security/3515-rsa-versus-dsa.html

:-Dustin

** Changed in: openssh (Ubuntu)
       Status: Confirmed => New
[Bug 237391] Re: ssh-keygen should default to dsa not rsa
I expect that someone someday will again make a bad random number generator. Maybe some proprietary box that I am pressured to use. I don't want my keys to be vulnerable just because I use them on a machine that doesn't get RNGs right. DSA is vulnerable to that problem, and RSA is not.

I agree that using a longer default key length in RSA (and in DSA also) is a good idea at this point. E.g. jdstrand points out that in the openssl file /etc/ssl/openssl.cnf default_bits is still 1024. That should be fixed, via a different bug report.
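The claim above, that DSA (unlike RSA) is only as safe as the random number generator that produced each signature's nonce, is worth seeing concretely. The following is an added illustration, not code from the thread, OpenSSH or Ubuntu: a toy DSA over constructed, deliberately small parameters (64-bit q, 128-bit p; nothing like real key sizes), a signing routine that takes the nonce k from the caller, the failure mode when two signatures share a k, and a signing routine whose nonce is derived deterministically from the private key and message so the platform RNG is never consulted at signing time. The HMAC-based nonce derivation is a simplified stand-in for the RFC 6979 idea, not the RFC's exact construction; all function names are mine, and the message hash is simply reduced mod q rather than truncated as FIPS 186 specifies.

```python
"""Toy DSA: a reused or predictable nonce leaks the private key; a nonce
derived from the key and message does not depend on the platform RNG.
Constructed example with parameters far too small for real use."""
import hashlib
import hmac
import random
import secrets


def is_probable_prime(n, rng, rounds=32):
    """Miller-Rabin with bases drawn from rng; sufficient for a demo."""
    if n < 2:
        return False
    for sp in (2, 3, 5, 7, 11, 13, 17, 19, 23, 29):
        if n % sp == 0:
            return n == sp
    d, s = n - 1, 0
    while d % 2 == 0:
        d //= 2
        s += 1
    for _ in range(rounds):
        a = rng.randrange(2, n - 1)
        x = pow(a, d, n)
        if x in (1, n - 1):
            continue
        for _ in range(s - 1):
            x = pow(x, 2, n)
            if x == n - 1:
                break
        else:
            return False
    return True


def generate_parameters(seed=1, q_bits=64, p_bits=128):
    """Return toy domain parameters (p, q, g): q | p-1 and g has order q."""
    rng = random.Random(seed)  # seeded so the demo is reproducible
    while True:
        q = rng.getrandbits(q_bits) | (1 << (q_bits - 1)) | 1
        if is_probable_prime(q, rng):
            break
    while True:
        k = rng.getrandbits(p_bits - q_bits) & ~1  # even cofactor keeps p odd
        p = q * k + 1
        if k >= 2 and is_probable_prime(p, rng):
            break
    for h in range(2, 100):
        g = pow(h, k, p)  # h^((p-1)/q); any value != 1 has order exactly q
        if g != 1:
            return p, q, g
    raise RuntimeError("no generator found")


def hash_to_int(msg, q):
    """Toy message digest reduced mod q (real DSA truncates to q's bit length)."""
    return int.from_bytes(hashlib.sha256(msg).digest(), "big") % q


def keygen(params, x=None):
    p, q, g = params
    x = x if x is not None else secrets.randbelow(q - 1) + 1
    return x, pow(g, x, p)


def sign_with_nonce(params, x, msg, k):
    """Raw DSA signing; the caller supplies the per-signature nonce k."""
    p, q, g = params
    if not 0 < k < q:
        raise ValueError("nonce out of range")
    r = pow(g, k, p) % q
    s = (pow(k, -1, q) * (hash_to_int(msg, q) + x * r)) % q
    if r == 0 or s == 0:
        raise ValueError("degenerate signature, use another nonce")
    return r, s


def verify(params, y, msg, sig):
    p, q, g = params
    r, s = sig
    if not (0 < r < q and 0 < s < q):
        return False
    w = pow(s, -1, q)
    u1 = (hash_to_int(msg, q) * w) % q
    u2 = (r * w) % q
    return ((pow(g, u1, p) * pow(y, u2, p)) % p) % q == r


def recover_key_from_shared_nonce(params, msg1, sig1, msg2, sig2):
    """The failure mode the thread describes: two signatures made with the
    same k (visible as an identical r) determine the private key x."""
    _, q, _ = params
    (r1, s1), (r2, s2) = sig1, sig2
    if r1 != r2:
        raise ValueError("r differs, so the nonces differ; nothing to recover")
    h1, h2 = hash_to_int(msg1, q), hash_to_int(msg2, q)
    k = ((h1 - h2) * pow((s1 - s2) % q, -1, q)) % q
    return ((s1 * k - h1) * pow(r1, -1, q)) % q


def deterministic_nonce(params, x, msg, counter=0):
    """Nonce from HMAC(private key, H(msg) || counter): simplified RFC 6979 idea."""
    _, q, _ = params
    key = x.to_bytes((q.bit_length() + 7) // 8, "big")
    data = hashlib.sha256(msg).digest() + counter.to_bytes(4, "big")
    return int.from_bytes(hmac.new(key, data, hashlib.sha256).digest(), "big") % q


def sign(params, x, msg):
    """Signing that never consults the platform RNG for the nonce."""
    for counter in range(256):
        try:
            return sign_with_nonce(params, x, msg, deterministic_nonce(params, x, msg, counter))
        except ValueError:  # k == 0 or degenerate r/s: derive the next candidate
            continue
    raise RuntimeError("could not derive a usable nonce")


if __name__ == "__main__":
    params = generate_parameters(seed=7)
    x, y = keygen(params)
    m1, m2 = b"constructed message one", b"constructed message two"
    bad_k = 42  # stands in for a broken RNG that repeats its output
    s1, s2 = sign_with_nonce(params, x, m1, bad_k), sign_with_nonce(params, x, m2, bad_k)
    print("same r:", s1[0] == s2[0], "recovered == x:", recover_key_from_shared_nonce(params, m1, s1, m2, s2) == x)
    print("deterministic signatures verify:", verify(params, y, m1, sign(params, x, m1)))
```

The detection angle is the same arithmetic read backwards: an identical r across two signatures from one key is the observable symptom, so a fleet audit of stored DSA signatures can flag that condition without knowing any private key. The mitigation is to stop making signature security depend on run-time randomness at all, which is what the deterministic derivation in sign() does.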
[Bug 237391] Re: ssh-keygen should default to dsa not rsa
From one of your links I was also reminded that:

> It is possible to implement the DSA algorithm such that a subliminal channel is created that can expose key data and lead to forgeable signatures, so one is warned not to use unexamined code.

- another strike against it.