Join GitHub today
GitHub is home to over 28 million developers working together to host and review code, manage projects, and build software together.Sign up
Error message about DSA key on RHEL 7 #158
I see following messages in the logs of RHEL 7 systems with applied ssh-hardening:
and here another peace: https://www.gentoo.org/support/news-items/2015-08-13-openssh-weak-keys.html
Bettercrypto also do not have DSA keys (see here, page 23).
And here is the important reference to the openssh upstream on this topic.
As I understand, one of the key points is DSA key length of 1024, and this is still the case, from the man page of ssh-keygen on ubuntu-16.04:
@atomic111 maybe we should consider the removal of DSA from defaults here?
@artem-sidorenko ok the Problem is not the algorithem, it is the key length. because it is more complex to solve the discrete log problem then facturing. http://digitalassets.lib.berkeley.edu/techreports/ucb/text/CSD-84-186.pdf
Ok, we have no possibility to increase the key size, then we have to remove it. I agree