ssh-keygen between SuSE and FreeBSD
Gavin Spomer
spomerg at cwu.EDU
Thu Aug 14 17:41:21 UTC 2008
>
>>> Ronald Klop <ronald-freebsd8 at klop.yi.org> 08/14/08 10:34 AM >>>
> >> I'm not quite sure right now why you're using rsa keys. I'm always using
> >> dsa keys (ssh-keygen -t dsa). It comes to my mind, that rsa keys are for
> >> ssh version 1, while dsa keys are for ssh version 2.
> >> But I could be wrong here ;)
> >> No man ssh handy right now, sorry.
> >
> > If that's true, then I believe I will start using the dsa ones! I think
> > I chose rsa because the FreeBSD manual indicated I could use either and
> > I could only find settings for enabling rsa in sshd_config on the remote
> > servers, but I'll look again...
>
> This story about rsa and dsa is not true.
> Rsa wasn't free (patents or something else) until a few years ago. So
> everybody used dsa. But since quite some time it doesn't matter what you
> use. I don't know about advantages of one above the other. In daily use
> they are the same.
>
> Ronald.
Thanks for more info. Maybe some people think that because of the following lines in sshd.config?
# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_dsa_key
Although the 2nd line *doesn't* read "#HostKey /etc/ssh/ssh_host_rsa_key", maybe people are associating dsa with protocol 2 because of the 3rd and 4th lines?
More information about the freebsd-stable
mailing list