Comments on: SSH Organization Tips http://eric.lubow.org/2007/linux-security/ssh-organization-tips/ Thoughts, musings, and other useless idealistic systems hoopla. Wed, 10 Mar 2010 22:04:00 +0000 http://wordpress.org/?v=2.9.2 hourly 1 By: eric http://eric.lubow.org/2007/linux-security/ssh-organization-tips/comment-page-1/#comment-5 eric Mon, 12 Feb 2007 02:40:34 +0000 http://eric.lubow.org/blog/2007/linux-security/26/ssh-organization-tips/#comment-5 In actuality, I just said to use DSA for consistancy. I generally find it better to pick a method and stick to it. To answer your question, my understanding from reading around (as I am no mathematical genius) is that the OpenSSH implementation of both RSA and DH/DSS are roughly equally secure, but your statement is correct (that DSA is just a signing algorithm). There is a group of links with further explanation on <a href="http://www.linuxforums.org/forum/linux-security/48093-openssh-user-host-authentication-rsa-versus-dsa-provides-stronger-security.html" rel="nofollow">Linux Forurms</a>. The creators of Putty don't seem to <a href="http://www.chiark.greenend.org.uk/~sgtatham/putty/faq.html#faq-dsa" rel="nofollow">like</a> DSA though. -eric In actuality, I just said to use DSA for consistancy. I generally find it better to pick a method and stick to it. To answer your question, my understanding from reading around (as I am no mathematical genius) is that the OpenSSH implementation of both RSA and DH/DSS are roughly equally secure, but your statement is correct (that DSA is just a signing algorithm). There is a group of links with further explanation on Linux Forurms. The creators of Putty don’t seem to like DSA though. -eric

]]> By: xenoterracide http://eric.lubow.org/2007/linux-security/ssh-organization-tips/comment-page-1/#comment-4 xenoterracide Sun, 11 Feb 2007 23:57:08 +0000 http://eric.lubow.org/blog/2007/linux-security/26/ssh-organization-tips/#comment-4 I have to ask. why DSA over RSA? A little research told me that DSA can't do encryption only signing, and RSA is faster at verification. I seem to remember reading somewhere that RSA is more secure. --Caleb Cushing xenoterracide@gmail.com I have to ask. why DSA over RSA? A little research told me that DSA can’t do encryption only signing, and RSA is faster at verification. I seem to remember reading somewhere that RSA is more secure.

–Caleb Cushing
xenoterracide@gmail.com

]]>