Reviewers: Graham Percival, phileholmes_googlemail.com, Reinhold,
reinhold_kainhofer.com, graham_percival-music.ca,
Message:
On 2011/08/19 03:11:15, graham_percival-music.ca wrote:
On Fri, Aug 19, 2011 at 03:21:03AM +0200, Reinhold Kainhofer wrote:
> Am Friday 19 August 2011, 02:29:22 schrieb
percival.music...@gmail.com:
> > On 2011/08/18 11:42:13, Reinhold wrote:
> > > Why did you change all dsa to rsa?
> It's not only savannah, it's basically everone who knows a little
bit about
> security...
Wait, I'm confused again, so I looked it up.
http://savannah.gnu.org/maintenance/SshAccess
says "we recommend using only RSA keys, not DSA".
Does that page give incorrect advice?
I know just enough about security to know that I don't know about
security. I've asked my brother for advice, but ultimately I
would recommend starting a discussion with the savannah people if
you think they are giving flaws encryption advice.
Cheers,
- Graham
A bit of Googling seems to suggest that while DSA and RSA are generally
equivalent in strength for the same key size, DSA is limited to 1024-bit
max, while RSA allows up to 4096. Keys of 2048 bits are probably secure
for the reasonable future, and are the RSA default. See, for example
http://en.wikipedia.org/wiki/Rsa#Security_and_practical_considerations
Description:
DOC: Revise CG 3.4 Commit Access
Please review this at http://codereview.appspot.com/4898058/
Affected files:
M Documentation/contributor/source-code.itexi
Index: Documentation/contributor/source-code.itexi
diff --git a/Documentation/contributor/source-code.itexi
b/Documentation/contributor/source-code.itexi
index
60c8ca2c123ced3a6816c8241ba92ef831866712..831dbc2f0e1fecd6102a6498d680ff46300635b4
100644
--- a/Documentation/contributor/source-code.itexi
+++ b/Documentation/contributor/source-code.itexi
@@ -1422,15 +1422,15 @@ Contributor of} on your @qq{My Group Membership}
page.
@item
-Generate an SSH @q{dsa} key pair. Enter the following at the
+Generate an SSH @q{rsa} key pair. Enter the following at the
command prompt:
@example
-ssh-keygen -t dsa
+ssh-keygen -t rsa
@end example
When prompted for a location to save the key, press <ENTER> to
-accept the default location (@file{~/.ssh/id_dsa}).
+accept the default location (@file{~/.ssh/id_rsa}).
Next you are asked to enter an optional passphrase. On most
systems, if you use a passphrase, you will likely be prompted for
@@ -1442,7 +1442,7 @@ though you may find it tedious to keep re-entering it.
You can change/enable/disable your passphrase at any time with:
@example
-ssh-keygen -f ~/.ssh/id_dsa -p
+ssh-keygen -f ~/.ssh/id_rsa -p
@end example
Note that the GNOME desktop has a feature which stores your
@@ -1457,14 +1457,14 @@ gconftool-2 --set -t bool \
@end example
After setting up your passphrase, your private key is saved as
-@file{~/.ssh/id_dsa} and your public key is saved as
-@file{~/.ssh/id_dsa.pub}.
+@file{~/.ssh/id_rsa} and your public key is saved as
+@file{~/.ssh/id_rsa.pub}.
@item
-Register your public SSH @q{dsa} key with Savannah. From the
+Register your public SSH @q{rsa} key with Savannah. From the
@qq{My Account Configuration} page, click on @qq{Edit SSH Keys},
-then paste the contents of your @file{~/.ssh/id_dsa.pub} file into
+then paste the contents of your @file{~/.ssh/id_rsa.pub} file into
one of the @qq{Authorized keys} text fields, and click
@qq{Update}.
@@ -1485,7 +1485,7 @@ git config remote.origin.url \
@end example
@noindent
-where @var{user} is your username on Savannah.
+replacing @var{user} with your Savannah username.
@item
@@ -1566,9 +1566,14 @@ git config push.default matching
@noindent
Then @code{git@tie{}push} should work as before. For more
details, consult the @code{git@tie{}push} man page.
-@end enumerate
+@item
+Repeat the steps from generating an RSA key through to testing
+your commit access, for each machine from which you will be
+making commits.
+@end enumerate
+
@subsubheading Technical details
@itemize
_______________________________________________
lilypond-devel mailing list
lilypond-devel@gnu.org
https://lists.gnu.org/mailman/listinfo/lilypond-devel
