From owner-freebsd-stable@FreeBSD.ORG Thu Aug 14 17:41:21 2008 Return-Path: Delivered-To: freebsd-stable@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 5D627106566C for ; Thu, 14 Aug 2008 17:41:21 +0000 (UTC) (envelope-from spomerg@cwu.EDU) Received: from scylla.cts.cwu.edu (scylla.cts.cwu.edu [198.104.67.151]) by mx1.freebsd.org (Postfix) with ESMTP id 541758FC19 for ; Thu, 14 Aug 2008 17:41:21 +0000 (UTC) (envelope-from spomerg@cwu.EDU) Received: from CONVERSION-CWU-DAEMON.SCYLLA.CTS.CWU.EDU by SCYLLA.CTS.CWU.EDU (PMDF V6.4 #31640) id <01MYCGOG1Y80000A1O@SCYLLA.CTS.CWU.EDU> for freebsd-stable@freebsd.org; Thu, 14 Aug 2008 10:41:20 -0700 (PDT) Received: from hermes.cwu.edu (hermes.cwu.edu [172.16.21.28]) by SCYLLA.CTS.CWU.EDU (PMDF V6.4 #31640) with ESMTP id <01MYCGOFU4MM0009JQ@SCYLLA.CTS.CWU.EDU> for freebsd-stable@freebsd.org; Thu, 14 Aug 2008 10:41:20 -0700 (PDT) Received: from cwugate1-MTA by hermes.cwu.edu with Novell_GroupWise; Thu, 14 Aug 2008 10:41:20 -0700 Date: Thu, 14 Aug 2008 10:41:18 -0700 From: Gavin Spomer To: freebsd-stable@freebsd.org Message-id: <48A40BCE020000900001C192@hermes.cwu.edu> MIME-version: 1.0 X-Mailer: Novell GroupWise Internet Agent 7.0.3 Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: quoted-printable Content-disposition: inline Subject: Re: ssh-keygen between SuSE and FreeBSD X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2008 17:41:21 -0000 >=20 >>> Ronald Klop 08/14/08 10:34 AM >>> > >> I'm not quite sure right now why you're using rsa keys. I'm always = using > >> dsa keys (ssh-keygen -t dsa). It comes to my mind, that rsa keys are = for > >> ssh version 1, while dsa keys are for ssh version 2. > >> But I could be wrong here ;) > >> No man ssh handy right now, sorry. > > > > If that's true, then I believe I will start using the dsa ones! I = think =20 > > I chose rsa because the FreeBSD manual indicated I could use either = and =20 > > I could only find settings for enabling rsa in sshd_config on the = remote =20 > > servers, but I'll look again... >=20 > This story about rsa and dsa is not true. > Rsa wasn't free (patents or something else) until a few years ago. So = =20 > everybody used dsa. But since quite some time it doesn't matter what you = =20 > use. I don't know about advantages of one above the other. In daily use = =20 > they are the same. >=20 > Ronald. Thanks for more info. Maybe some people think that because of the = following lines in sshd.config? # HostKey for protocol version 1 #HostKey /etc/ssh/ssh_host_key # HostKeys for protocol version 2 #HostKey /etc/ssh/ssh_host_dsa_key Although the 2nd line *doesn't* read "#HostKey /etc/ssh/ssh_host_rsa_key", = maybe people are associating dsa with protocol 2 because of the 3rd and = 4th lines?