Mick wrote:
> I have looked around and have found confusing info regarding which is a
> better
> key cipher to use for ssh authentication. Some say that RSA is widely
> considered more secure than DSA. Some say that it doesn't really matter, as
> long as you use a large enough bits setting in creating your key. RSA takes
> longer to create but it takes less time to authenticate on the server and DSA
> is the other way around. Not sure what to believe and I'd rather not be
> guessing which one is best
DSA keys are always 1024 bits, as this is mandated by the standard. RSA
keys can have variable length. From "man ssh-keygen":
-b bits
Specifies the number of bits in the key to create. For RSA keys,
the minimum size is 768 bits and the default is 2048 bits. Gen-
erally, 2048 bits is considered sufficient. DSA keys must be
exactly 1024 bits as specified by FIPS 186-2.
Another argument in favor of RSA is mentioned in the PuTTY FAQ:
http://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html#faq-dsa
Personally, I use RSA keys because I want to use a 2048 bit key length.
-- Remy
Remove underscore and suffix in reply address for a timely response.
--
gentoo-user@gentoo.org mailing list
